HomeMy WebLinkAbout20023099.tiff /2-o2--2oo,),_
WELD COUNTY
CODE ORDINANCE 2002-12
IN THE MATTER OF REPEALING AND REENACTING, WITH AMENDMENTS, CHAPTER 2
ADMINISTRATION, CHAPTER 3 PERSONNEL, AND CHAPTER 9 INFORMATION
SERVICES, OF THE WELD COUNTY CODE
BE IT ORDAINED BY THE BOARD OF COUNTY COMMISSIONERS OF THE COUNTY OF
WELD, STATE OF COLORADO:
WHEREAS, the Board of County Commissioners of the County of Weld, State of
Colorado, pursuant to Colorado statute and the Weld County Home Rule Charter, is vested with
the authority of administering the affairs of Weld County, Colorado, and
WHEREAS, the Board of County Commissioners, on December 28, 2000, adopted
Weld County Code Ordinance 2000-1, enacting a comprehensive Code for the County of Weld,
including the codification of all previously adopted ordinances of a general and permanent
nature enacted on or before said date of adoption, and
WHEREAS, the Weld County Code is in need of revision and clarification with regard to
procedures, terms, and requirements therein.
NOW, THEREFORE, BE IT ORDAINED by the Board of County Commissioners of the
County of Weld, State of Colorado, that certain existing chapters of the Weld County Code be,
and hereby are, repealed and re-enacted, with amendments, and the various chapters are
revised to read as follows.
CHAPTER 2
ADMINISTRATION
Add Section 2-2-140. Diversity Policy.
A. Weld County Government will provide a welcoming environment where all individuals
are respected, appreciated, included, and valued. Weld County recognizes the unique
perspective and wide range of knowledge diversity affords us. Weld County is
committed to learn from each other and understand that similarities and differences are
what create a strong organization and community.
B. Diversity is an inclusive term that includes all the differences which distinguish
individuals and groups from each other. The mosaic of the people of Weld County
brings a variety of backgrounds, style, perspectives, values, and beliefs as assets to the
community. To appreciate diversity is to recognize that the sum of the different groups
and individuals is a richer whole than the parts alone. Diversity includes, but is not
limited to, race, color, age, disability, creed, religion, cultural background and
experience. Diversity is integral to our success as an organization and community
which will add to the splendor and desirability of Weld County as a place to live and
work.
C. Weld County expectations.
2002-3099
PAGE 1 ORD2002-12
1. County employees and volunteers will understand and strive to follow stated
County organizational values and mission statement.
2. The County workforce, public advisory boards, and committees will strive to have
diverse representation.
3. County internal systems and policies will reflect commitment to diversity.
Examples include hiring practices, selection criteria, recruitment processes,
training, etc.
4. The County work place will be free from all illegal and inappropriate
discrimination or harassment.
5. All County departments and offices will provide services to citizens and clients in
a manner that is respectful and free from illegal or inappropriate discrimination or
harassment.
D. If Weld County's expectations as listed above are not met, the following procedures will
apply.
1. Employee reports the problem to a responsible County official, such as a
supervisor, elected official, department head, or the Director of
Personnel/General Services.
2. The official receiving the report documents all information received and persons
spoken to and notifies the Department of Personnel within twenty-four (24) hours
of the alleged incident.
3. In cooperation with the requesting department, the Department of Personnel
investigates, develops and retains documentation of all allegations and insures
that appropriate corrective actions are taken, including disciplinary measures by
the appropriate person when justified, to remedy all violations of this policy.
4. The Department of Personnel follows up within thirty (30) days to assure no
further violations of the policy have occurred.
E. County policies and internal systems will be monitored by all elected officials and
department heads for compliance to this policy.
F. Retaliation of any kind will not be tolerated.
Add Section 2-5-30. Authorize Use of County-owned Heavy Equipment.
A. Due to recent dry weather conditions and a mild, dry winter, prairie lands located in
Weld County have become a high fire danger, emphasizing the need for a cooperative
approach among citizens and private and public entities, to fight prairie fires which may
occur on public and/or private lands.
B. Because of the extreme danger to public and/or private lives and property, the Board of
County Commissioners, by Resolution #2002-1582, approved June 17, 2002, authorized
the use of Weld County motor graders or other heavy equipment operated by Weld
County personnel to fight prairie fires on public or private lands in Weld County.
2002-3099
PAGE 2 ORD2002-12
1. Use of the equipment shall be deemed necessary by the on-scene fire
commander.
2. Weld County personnel necessary to operate the motor graders or heavy
equipment shall be under the supervision and direction of the on-scene fire
commander.
Amend Section 2-12-10. Private use of County property.
A. All personal property and computer software owned or leased by the County is to be
used for job-related purposes only. Personal property includes, but is not limited to,
motor vehicles, computers, telephones, copiers and facsimile machines. Employees
who privately use personal property or computer software owned or leased by the
County are subject to disciplinary action, up to and including discharge. To ensure that
the use of personal property owned or leased by the County is consistent with this
policy, authorized representatives of the County may monitor the use from time to time.
B. All communications, digitally stored documents, and other forms of information
transmitted by, created by, received by or sorted in electronic and/or telephonic
communications systems owned or leased by the County are the property of the County.
Employees do not have a right to privacy in such communications and information even
if the information resides on privately owned devices.
Delete Section 2-12-20. Electronic mail. (Incorporated into Chapter 9)
CHAPTER 3
PERSONNEL
Amend Section 3-1-50.B. Employees retiring from County service under the Weld County
Retirement Plan may work no more than a total of o;,, hundred forty-four(1,644)
one thousand nine hundred seventy-six (1,976) hours annually as an hourly, part-time or job-
share retiree employee to continue receiving Weld County Retirement Plan benefits.
Depending on the job situation, a retiree may receive pay and benefits in any one (1) of the
following retiree categories:
Amend Section 3-3-10.A.3.
Negligent or willful damage or waste of public property. This includes misuse of County
property, equipment, vehicles or other materials for private gain, use or convenience and
unauthorized use, possession or storage of County property.
Amend Section 3-12-10. Confidential information.
Because of the nature of County business, employees may have access to information of a
confidential nature. This information should not be discussed except with authorized personnel.
If any situation arises concerning confidential information in which an employee has a question,
the employee should discuss it with his or her supervisor immediately. Misuse or disclosure of
confidential information obtained in the course of County employment could result in personal
legal liability and disciplinary action, up to and including termination from employment.
Documents and copies generated in the course of County employment are the exclusive
property of the County and are not to be used for personal use or retained in the possession of
an employee.
2002-3099
PAGE 3 ORD2002-12
CHAPTER 9
INFORMATION SERVICES
Repeal Article 3, Internet Acceptable Use Policy, in its entirety, and replace with the
following:
Section 9-3-10. General provisions.
A. The Department of Information Services, in conjunction with the Information Services
Governance Committee (ISGC), has taken the necessary steps to provide an Internet
Acceptable Use Policy (IAUP) on acceptable use of the Internet by County agencies and
departments. Any County agency or department eligible for, and having funding for, the
Weld County network or the Internet will be provided with access under the terms and
conditions of this policy.
B. The objective of this policy is to minimize the risks to business functions and
government-owned assets, and to assure adherence to regulatory and legal
requirements and enterprise policies when County resources are used to access public
networks.
C. Violation of this policy may be grounds for having access to the Weld County network
and/or Internet services revoked. Continued abuse of this policy could lead to employee
disciplinary actions including termination of employment.
D. This policy applies to any activity performed from a Weld County owned asset and to all
Weld County employees or contracted agents of Weld County performing work activities
on behalf of Weld County. Work activities conducted from remote devices or even
personally owned devices are subject to this policy except that this policy does not apply
to an employee performing activities solely as a member of the public and without the
use of County-owned assets. The policy applies to electronic communications on Weld
County Networks and public networks including, but not limited to, the following:
1. Electronic Communications:
a. E-mail.
b. File transfer.
c. Remote login.
d. Remote control software.
e. Discussion groups/bulletin boards.
f. World Wide Web, Gopher, web servers, wide area information servers
(WAIS).
g. Personal computing devices.
h. Digital type devices that can communicate with personal computers or
public networks.
2002-3099
PAGE 4 ORD2002-12
2. Public Networks:
a. Internet.
b. America Online, CompuServe, Prodigy, etc.
c. Online search services such as Dialog, Paperchase, etc.
d. Dialup bulletin board systems.
e. Weld County network.
Sec. 9-3-20. Introduction.
Weld County network access and Internet access can provide significant business benefits for
County government agencies. However, there are also significant legal, security and
productivity issues related to how the Internet is used. Examples of such issues are listed
below.
A. The potential to receive computer viruses from Internet information sources.
B. The potential for someone to eavesdrop on data or correspondence which is exchanged
via the Internet.
C. The potential for a County government employee, through the content of his or her
Internet exchanges, to impugn the reputation of local government officials and thereby
invite civil liabilities.
D. The potential for County government employees to be enticed by the vast social and
informational forums of the Internet into spending significant work time on nonproductive
activities.
E. If County government agencies or any person using an Internet connection sufficiently
upsets other Internet users, the connection could be flooded with traffic in protest, thus
negatively impacting the availability of the service for true business purposes.
F. Outside access to local databases can overwhelm the processing power of the local
network.
Sec. 9-3-30. Definitions.
The following words, when used herein, shall have the definitions contained below:
Data custodian means an owner or person responsible for the data.
Electronic mail (E-mail) means a widely used network application in which mail
messages are transmitted electronically between end users over various types of
networks using various network protocols.
2002-3099
PAGE 9 ORD2002-12
Gopher or Internet gopher means a distributed document delivery service. It lets users
access various types of data residing on multiple hosts. This is done by presenting the
user menu documents and by using a client-server communications model.
HTTP means Hyper Text Transport Protocol.
Internet means the world's largest internetwork, connecting thousands of networks
worldwide and having a "culture" that focuses on simplicity, research and
standardization based on real-life use.
IP means Internet Protocol, the network layer for the TCP/IP Protocol Suite. It is a
connectionless, best-effort switching protocol that offers a common layer over dissimilar
networks.
Public Network means commercial, private or Weld County owned networks which
establish the technical infrastructure that allow computer-type devices to communicate
with one another and share data and peripheral devices. These networks usually
provide access to the Internet.
Usenet means the thousands of topically named newsgroups, the computer which run
them and the people who read and submit Usenet news.
Wide Area Information Servers means a distributed information service that offers
natural language input and indexed searching, and lets the results of initial searches
influence future searches.
W W W means the World Wide Web, a project that merges information retrieval and
hypertext to make an easy-to-use, powerful, global, academic information system.
Section 9-3-40. Guidelines.
The purpose of the following is to provide a short checklist of procedures which should be
followed while accessing public networks through company resources. These guidelines
govern both County employees, contractors and anyone working via County direction. For
more specific and detailed policy statements, refer to the Sections that follow in this Article.
A. Use of County resources for accessing public networks is for work-related purposes
only.
B. Users shall act responsibly when participating in discussions over a public network.
They shall be polite and not get abusive in their messages to others. Users should
remember that defamation can occur due to malicious use of the Internet.
C. Users shall not use public networks inappropriately. The use may be monitored and
access may be revoked at any time for inappropriate conduct.
D. Users shall determine and abide by the policies and procedures of any external network
accessed. Each user is expected to be a responsible network citizen (Netiquette).
E. Downloading of any software programs or applications including, but not limited to,
shareware, freeware, demo's, etc., is strictly prohibited. All such requests must go
through the Department of Information Services.
2002-3099
PAGE 10 ORD2002-12
F. When downloading non-application software, the user shall check for copyright or
licensing agreements. If there is any doubt, the user shall not copy the software. If a
licensing agreement exists or the user must pay for the information, it must first be
approved by the Information Services Governance Committee.
G. To minimize network traffic, no automatic requests for information on the Internet and
applications that generate constant network traffic, e.g., Internet radio stations,
channels, music sharing services, etc. should always be avoided.
H. The generation of excessive Internet e-mail shall be avoided.
The target directory must be scanned with anti-virus software before and after
downloading any files from the Internet. As most downloads are in a "zipped" format,
scanning the files after"unzipping" is necessary. It is the user's responsibility to ensure
that the downloaded files are free from known viruses.
J. Users shall not use software (network "probes") which attempts to discover properties
about the public network or computing resources connected to that network.
K. Users should be aware that any data transferred via the Internet is prone to be
monitored and/or intercepted by unintended destinations.
L. All County e-mail is a public record and may be subject to public inspection.
M. Even if software allows configuration changes to networks, computers, and other
hardware or software, actual changes should only be made by members of the
Information Services Department.
Section 9-3-50. Roles and responsibilities.
A. The role of the Department of Information Services is as follows:
1. Establish Internet Acceptable Use Guidelines.
2. Apprize elected officials/department heads of any continued abuse. It is
specifically NOT the role of the Department of Information Services to act as the
"Net Police." The Department of Information Services cannot be held
responsible for nonprofessional usage, improper humor or the moderation and
monitoring of e-mail or Usenet groups. Disciplinary actions for sexual
harassment and hostile work environment violations and for use of County
property for personal purposes are defined by the County policy contained in
Chapter 2 of this Code.
B. The role of the Information Services Governance Committee is as follows.
1. Review and approve Internet Acceptable Use Guidelines.
2. Advocate adherence to the policy.
C. The role of the County departments and agencies is as follows.
1. Act as the authorizing agent that allows access to the Internet.
2002-3099
PAGE 11 ORD2002-12
2. Ensure guidelines are followed
3. Provide for training of employees who need access.
4. Budget for service and associated training, if needed.
5. Establish its own data sensitivity policy.
Section 9-3-60. Protection of proprietary information.
A. Data sensitivity. Persons transmitting enterprise data over public networks should
ensure that the data is processed according to its level of sensitivity by using the
definitions and guidelines which follow. After having read the following sections, if the
user is unsure of how to properly handle specific data, he or she should contact the
information asset owner (data custodian) for guidance.
B. Data sensitivity definitions.
1. Confidential data.
a. Shows specific strategies and major directions.
b. Confidential information as defined by local, state or federal laws, rules or
regulations, e.g., Social Services data.
c. Data of other businesses/persons with respect to which the enterprise is
under an obligation of confidentiality.
2. Restricted data.
a. Working files not completed for public dissemination.
b. Is of such a nature that unauthorized disclosure would be against the
best interest of the County.
c. Personnel data.
d. Data with restricted use or access per local, state or federal laws, rules or
regulations, e.g., criminal justice data.
3. Proprietary data: All enterprise-related information requiring baseline security
protection, but failing to meet specified criteria for higher classifications.
a. Organizational policies and procedures that are internal by nature.
b. Internal announcements.
4. Unclassified data: Information which requires no security protection.
a. Public information.
b. Public announcements.
2002-3099
PAGE 12 ORD2002-12
c. Internal correspondence and documentation which do not merit a security
classification.
C. Data sensitivity processing guidelines. Table 9.1 reflects the guidelines to be used in
processing sensitive data:
Table 9.1
Data Sensitivity Processing Guidelines
IConfidential Restricted Proprietary Unclassified
Encrypted Encrypted Owner defines High volume
permissions Use other
alternatives (mail
carrier)
Owner Owner defines High volume
defines permissions Use other
permissions alternatives
(mail carrier)
Marked High volume
confidential Use other
alternatives (mail
carrier)
High volume
Use other
alternatives
(mail carrier)
Section 9-3-70. Security.
A. Internet growth over the last several years has increased greatly. There are millions of
pages of Internet information and billions of publicly available files. It is impossible to
monitor every available site to determine if the site has material which violates policy.
Even if a specific item is in violation of County standards, blocking access will not
prevent access to the material, as many sites are either mirrored at other locations, or
changes its name and Internet Protocol number regularly to avoid prosecution.
B. Information Services may, without notice, restrict access of any individual to the Internet
or the County network, as a whole or in part, in order to protect the security of Weld
County's network and its infrastructure and stored data. Restrictions may be placed on
workstations and personal computing devices to restrict configurations changes to those
devices or to the operating systems to ensure the efficient transfer of network traffic and
to minimize network or computer downtime.
C. The following modem/Internet security guidelines shall be followed.
1. When utilizing a modem for remote access to another computer, a user shall be
aware of and follow the Acceptable Use Policy, if any, regarding the remote
public/private system.
2. There is no such thing as a one hundred percent secure system; the human
element is always the weakest link in system security.
2002-3099
PAGE 13 ORD2002-12
3. The user shall make sure that any related passwords are secure, and shall not
share the passwords or write passwords on paper. Also, it is recommended that
a password consists of letters and numbers.
4. Within the software which controls the modem, it is recommended that the
"answer off" (if applicable) mechanism is exercised in all situations, unless
approved by the Department of Information Services.
5. If a user elects to download nonapplication software, the download directory
MUST be scanned with an anti-virus program immediately following the
download. The Department of Information Services will be happy to train the
end-user on utilizing the anti-virus program. The user should be aware that if he
or she has a modem and is on the County network, it is possible for a virus to
attack any or all networked computers.
6. The user shall not distribute the phone number of the shared or dedicated
modem line unless it is absolutely required.
7. If the phone number to the remote system is long-distance, the call shall be kept
to a minimum length.
8. If the modem is external, it shall be turned off when not in use.
Section 9-3-80. Acceptable use guidelines.
A. Purpose. This Section represents a guide to the acceptable use of the Internet and
Weld County's own network for County employees. In those cases where data
communications are carried across other regional networks or public networks, network
users are advised that acceptable use policies of those other networks apply and may
limit use.
B. General.
1. Participating agencies assume responsibility for providing reasonable publicity
and enforcement for this "Internet Acceptable Use Policy". Ultimate
responsibility for traffic that does not conform to this policy lies with the individual
end user. It is the responsibility of the County agency to monitor and rectify the
behavior of its users who disregard this policy.
2. It is also the responsibility of each County agency to provide adequate training
for its users to ensure appropriate network use.
3. The Department of Information Services and the County accept no responsibility
for the traffic which they transport and which violates the Acceptable Use Policy
of any connected networks, beyond informing the County agency if and when a
violation is brought to the attention of the Information Services Governance
Committee.
4. All use of the network must be consistent with the goals and purposes of the
network and within the spirit of this Section. The guidelines listed herein are
provided to make clear the categories of use which are consistent with the
purposes of the Internet or public network. The intent is not to exhaustively
enumerate all such possible uses or misuses.
2002-3099
PAGE 14 ORD2002-12
5. Internet computing resources are world-wide, and all users are urged to exercise
common sense and decency with regard to these shared resources. Particular
attention should be paid to policies developed for various Internet services by
Internet users, such as Usenet policies.
6. Because of the diversity of resources on the Internet and other public networks,
it is impossible to list all the do's and don'ts. In general, common sense should
be used to judge situations. The following are some guidelines to start with.
a. Computing resources should be used only for County related business in
the support of the administrative, instructional, research, and public
service objectives of the County.
b. Appropriate use of resources is limited to the official work of the
agencies. Examples of inappropriate use of resources include, but are
not limited to:
1) Any traffic that violates state/local and federal laws.
2) Any traffic that is unethical in nature.
3) Distribution of unsolicited advertising.
4) Propagation of computer worms and/or viruses.
5) Distribution of chain letters.
6) Attempts to make unauthorized entry to another network node.
7) Use for recreational games.
8) Personal use.
9) Sexually offensive material.
10) Running applications that generate constant unnecessary network
traffic.
7. The Information Services Governance Committee endorses the following
guidelines concerning computing resources.
a. Users shall respect the privacy of others. They shall not seek information
about, obtain copies of, or modify electronic information belonging to,
other users unless explicitly authorized to do so by those users.
b. Users shall not share passwords with others or use passwords not
belonging to them.
c. Users shall respect appropriate laws and copyrights. The distribution of
programs, databases and other electronic information resources is
controlled by copyright laws, licensing agreements, and trade secret
laws. These shall be observed.
2002-3099
PAGE 15 ORD2002-12
8. All County agencies must accept these guidelines and understand that network
traffic originating from its location is to be consistent with this policy. The
Department of Information Services can not police the network but may refer to
the appropriate Elected Official or Department Head for disciplinary action any
agency that appears to be in persistent and/or serious abuse of this policy.
Questions pertaining to the policy or interpretation of the policy should be
submitted to the Internal Services Governance Committee.
9. The Department of Information Services may at any time make a determination
that particular uses are not consistent with the purposes of the network
connection. Such determinations will be reported to the agency's Elected Official
or Department Head, as appropriate, for information and possible imposition of
sanctions. Persistent and/or serious violation of the policy may result in
withdrawal of approval to use the Internet and other public networks or other
penalties.
C. Participation in discussion groups.
1. There should be a good business reason for participating in any discussion
group over the Internet.
2. The user must be aware that the information he or she puts out on the Internet
will be perceived as the official County position unless specifically identified as
personal opinion, even in a discussion. If the user is offering his or her own
opinion, he or she shall be sure it is clearly identified as such. Also, if you would
be embarrassed to have someone read it on a postcard, do not say it on the
Internet or in any e-mail.
3. All rules which apply to other forms of written correspondence apply here, even
though the style is more casual.
D. Classes of mail allowed. Setting the standards for both casual and official
correspondence is the responsibility of the individual department and is the same for the
Internet as for other forms of written correspondence.
E. Qualifications for access authority. Before the Department of Information Services
approves a user for Internet or County network access, a Weld County Computer
Security Request Form must be properly filled out and processed according to the
normal procurement process.
Section 9-3-90. Web server guidelines.
A. Review. The Department of Information Services and the Governance Committee will
review all Web access proposals to ensure that the project adheres to all guidelines set
forth in this Section.
B. Initial approval. Any proposed Web access must be submitted to the Information
Services Governance Committee for initial approval of the proposed project. The
following information must be provided to the Department of Information Services for it
to review and assist in submitting the initial request to the Governance Committee.
1. State the general purpose of the project and how it relates to County business.
2002-3099
PAGE 16 ORD2002-12
2. Define the scope of the project, including what information is going to be made
available, to whom it will be available, and who the targeted user is.
3. Provide initial design documentation, which includes a rough page layout,
applets, links images, etc.
4. Identify any County data accessed not located on the Web server and how the
data will be used.
5. Identify the designated contact person within the department for this project, who
will be responsible for maintaining current information.
6. Identify the security requirements of the project.
C. Guidelines. If initial approval is granted for the project, the following guidelines must be
followed during the development:
1. The Department of Information Services must establish and maintain a fully
functioning firewall for Web access projects to be operating in production.
2. The Department of Information Services will monitor applications and network
activity and set restrictions as needed to prevent problems with County data or
internal network processing.
3. The Department of Information Services will maintain appropriate security levels.
4. The Department of Information Services will approve and allocate resource
requirements.
5. To help ensure compatibility between applications, development tools as defined
by the Department of Information Services and approved by the Information
Services Governance Committee will be used.
6. The Department of Information Services must review and approve the proposed
location of the data and Web page access, Web server and network access
points.
7. All development and/or enhancements to a project must be performed and
tested on a designated test Web server.
8. After testing is completed and the project is reviewed by the Department of
Information Services, the project will be transferred to the production Web
server. Only the Department of Information Services will have development
access on the production Web server.
9. The Department of Information Services' main priority is to maintain the integrity
of the County data and in-house network processing capabilities. If at any time,
the web page and/or associated links/controls do not adhere to the set standards
or cause a problem for whatever reason, the web page may be terminated
without notification.
10. Contents of Web pages should be approved by Department Head/Elected
Official or his or her designee.
2002-3099
PAGE 17 ORD2002-12
Section 9-3-100. Use of electronic mail.
A. Electronic mail (e-mail) is defined as any message that is transmitted electronically
between two (2) or more computers or terminals, whether stored digitally or converted to
hard (paper) copy. Under Part 2, Article 72, Title 24, C.R.S., e-mail messages may be
considered public records and may be subject to public inspection, pursuant to Section
24-72-203, C.R.S. All computer-related information, including e-mail messages and/or
digitally stored documents, are the property of the County and are considered the
County's records even if the information resides on privately owned devices.
Section 9-3-110. Employee access to e-mail.
A. All County employees with a need will be assigned a user address by the Department of
Information Services. These addresses may be used to send and receive e-mail
messages to/from other County employees. Conduct for use of these e-mail systems is
detailed in the following Sections.
B. Elected officials and department heads may also request an e-mail address that is
Internet-accessible. At the request of the department head or elected official,
employees will be provided Internet-accessible e-mail addresses for conducting County
business. Employees will be provided such e-mail addresses, pending County
technology capabilities and availability. Continued access to Internet-accessible e-mail
will be contingent upon the employee's conduct, as outlined previously in this Article and
reviewed below. Costs associated with e-mail access will be evaluated annually and
determined through the County's budget process.
Section 9-3-120. Employee conduct with e-mail.
A. As with any County property or equipment, e-mail should be used for official County
business only. Incidental and occasional personal use of e-mail is permitted. However,
strictly forbidden e-mail usage includes use for personal profit or gain; transmission of
political messages; solicitation of funds for political or other purposes; or sending of
harassing messages.
Section 9-3-130. Monitoring e-mail.
A. Because e-mail is County property, the County has the right to inspect and review any
e-mail or other data stored on County computers and equipment or on privately owned
devices if used in the course of County business. Information Services' staff is
responsible for monitoring electronic mail through regular computer network
maintenance. Additionally, County officials may inspect and copy e-mail and computer
records when there are indications of impropriety by an employee, when substantive
information must be located and no other means are readily available, or when
necessary for conducting County business. Supervisors may review the contents of an
employee's electronic mail without the employee's consent.
Section 9-3-140. Retention, archiving and destruction of e-mail.
A. E-mail messages that concern policies, decision-making, specific case files, contracts or
other information that should be kept as part of the official records of County business
should be retained by the recipients of such e-mail. Therefore, employees are
responsible for retaining and archiving electronic mail messages as official records of
County business. E-mail messages that are intended to be retained as public records
2002-3099
PAGE 18 ORD2002-12
should be stored on the County's network drives in order to be included in the
centralized back-up process.
B. The Director of Information Services is the official custodian of electronically/digitally
stored information, including e-mail. The Department of Information Services is
responsible for monitoring and retrieving archived data/information.
C. Users (employees) are responsible for archiving e-mail messages. After forty-five (45)
days, employees should delete e-mail messages to minimize storage requirements.
The Department of Information Services is responsible for long-term storage of
electronic mail and will retain/destroy e-mail records in accordance with the records
retention schedules established for records by the State, pursuant to Part 1 of Article 17
of Title 6, C.R.S.
Section 9-3-150. Public requests for e-mail.
A. Public requests for e-mail that is a public record should be submitted to the elected
official or department head. Public requests for public records will be handled in
compliance with the Public Records Act. If a request is made to inspect e-mail, County
staff shall, prior to release, consult the Elected Official or Department Head prior to
allowing inspection of the correspondence, for the purpose of determining whether the
correspondence is a public record.
B. Members of the public who request public e-mail records will be charged for the costs of
providing those records, in accordance with the County fee schedule.
Add Article VIII Personal Computing Devices, as follows.
Section 9-8-10. Need for Policy.
A. This policy is intended to provide guidance to departments who are utilizing personal
computing device technology and to help minimize the risk to business functions and
government owned assets. This policy also extends the County's right to data
ownership and its right to review data on computing devices to areas of new technology.
Section 9-8-20. Definitions.
A. Workstation. End-user computing device. Usually this device is a desktop computer at
an employee's desk linked to Weld County's network.
B. Personal Computing Device. Hardware designed to be very portable that contains a
computer chip to allow the device to communicate with the Weld County network or
share/store information with a device already connected to the network. Examples are
Pocket PCs, Palm PCs, PDAs, Palm phones, Smart phones, wearable computers,
e-mail devices, etc.
C. Personal Digital Assistant(PDA). See "Personal Computing Device" above.
D. End User. A person utilizing any computing or communication device to perform daily
activities related to Weld County business.
E. Synchronization Software. Software installed on a workstation that enables it to
share/transfer information to and from the personal computing device.
2002-3099
PAGE 19 ORD2002-12
F. Support Staff. Individuals employed and trained to support computer software and
hardware.
G. Information Services Governance Committee (ISGC). Reviews information technology
issues or projects and provides recommendations to the Board of Weld County
Commissioners concerning information technology policy at Weld County.
Section 9-8-30. Statement of Policy.
A. With the growing need for instantaneous communication and data access, Weld County
recognizes the need to incorporate new technology to facilitate business related
functions by allowing personal computing devices to share data or communicate with the
Weld County network. Employees using any form of mobile computing or personal
computing technology that synchronizes information, transfers information, or
communicates with Weld County Government's network infrastructure or data must be
knowledgeable of and operate within these guidelines.
B. This policy applies to any activity performed from a County-owned asset and to all Weld
County employees or contracted agents of Weld County performing work activities on
behalf of Weld County. Work activities conducted from remote devices or even
personally-owned devices are subject to this policy. However, this policy does not apply
to an employee performing activities solely as a member of the public and without the
use of County-owned assets.
C. Guidelines.
1. This policy applies to any county-owned device or any personally-owned device
the owner wants to link to or communicate with the County's network or data.
2. The personal computing device is not considered a secure computing device.
Being a small and very mobile device, it has a higher chance of being misplaced
or stolen. Under no circumstances should lists of passwords be maintained on a
personal computing device, and the password protection feature should be
enabled.
3. Data transferred to, created, or updated on the personal computing device is not
backed up by the County's normal data backup procedures. It is the user's
responsibility to ensure a recoverable version of any data that is the property of
Weld County.
4. To be considered for approval of linking or communicating with the Weld County
network, the personal computing device must meet County hardware and
software standards established by the Information Services Governance
Committee. Requests failing to meet Weld County standards will result in denial
of access to the Weld County network.
5. If the device is used to synchronize or communicate with the Weld County
network or its data, the county business related information remains the property
of Weld County. Weld County reserves the right to inspect the device and its
contents at any time and/or request the removal of the data or software. Failure
to comply with the request will be in violation of this policy.
2002-3099
PAGE 20 ORD2002-12
6. Even though the personal computing device is a mobile device, by using the device
in association with the Weld County network, the employee agrees that the use of
the device and its contents is still governed by Weld County's Internet Acceptable
Use Policy.
7. The elected official or department head must ensure there is a justified business
need to approve the employee's use of the personal computing device that links
with the Weld County network. The elected official or department head is
responsible for the type of data that will be contained on the personal computing
device.
8. At the end of employment with Weld County, the County-owned device will be
returned to Information Services with any personal information removed. If the
employee was using a personally-owned device, the employee promises to
ensure all Weld County related information is copied back to the Weld County
network and the elected official or department head is informed as to where it is
stored on the network. The information and all backups of the information will
then be deleted from the personally-owned device.
9. All software on County-owned devices must be legally licensed for the device on
which it is installed. Requests for new hardware or software (synchronization
software or regular application software) may be made through the normal
governance approval process.
10. Information Services will support only the Weld County standard synchronization
software that facilitates the link with GroupWise calendaring. All devices must
be compatible with that standardized software to be considered for linking or
communicating with the Weld County network. In addition, personally owned
devices must be in full operational order prior to requesting the installation of
synchronization software on the user's desktop personal computer.
11. If an employee is planning to purchase a personal computing device and wants
to synchronize/link it with the Weld County network, it is the employee's
responsibility to meet Weld County standards for hardware and software, receive
approval from the Elected Official or Department Head approval, and confirm
any Weld County funding of any additional required hardware and/or
synchronization software. Approvals should be obtained prior to any purchase.
12. Weld County reserves the right to discontinue authorization for linking personal
computing devices to the network at any time because of any perceived threat to
the stability of the Weld County network infrastructure. In addition, Weld County
may, at any time, require additional and/or different software be used on the
desktop or the personal computing device to safeguard the network or to
maintain compatibility with other applications.
13. Personal computing type devices, i.e., PDA's, palm phones, e-mail devices,
projectors, digital cameras, etc. are not included in the normal Information
technology repair costs. Repairs are the responsibility of the individual owner or
the County department.
14. For an employee to synchronize or link personal computing devices with the
Weld County network, the user and personal computing device must be
registered as a user with the Information Services Department.
2002-3099
PAGE 21 ORD2002-12
15. Weld County does not guarantee continued compatibility with any hardware
device or software being utilized in this environment and is not liable for personal
expenses incurred.
16. Weld County or ACS is not responsible for any damage to personally owned
hardware or software that may be incurred while supporting the personal
computing device or related software.
17. Abuse of this policy can result in removal of authorization to have personal
computing device link or communicate with the Weld County network.
Continued abuse of this policy could lead to employee disciplinary actions
including termination of employment.
Section 9-8-40. Procedure.
A. Any purchased hardware must meet Weld County standards.
B. Any Weld County employee wishing to synchronize a personal computing device with a
desktop personal computer or link it with the Weld County network, must first have it
approved by their Elected Official or Department Head. There must be a clear business
need to approve the request.
1. Requesting user must be an authorized user of the Weld County network.
2. All related hardware and software purchases must be approved by the
Information Services Governance Committee.
3. Requesting user must sign the Personal Computing Device Acknowledgment
form explaining Weld County's right to review any information contained on the
device. The Personal Computing Device Acknowledgment form is available from
the Information Services Department. Along with the user's signature, the
employee's full name, device make and model, operating system, and serial
number shall be provided.
C. Information Services will review the information on the Personal Computing Device
Acknowledgment form to ensure the hardware and software meet Weld County
standards.
1. Information Services will inform the employee of approval or denial.
2. Information Services will maintain a log of all users who synchronize or link a
personal computing device with the Weld County network.
D. If hardware or software purchases are involved, purchases will be made after the
Information Services Governance Committee approvals have been obtained.
1. Information Services will process approved requests by ordering and receiving
regular PDA type devices.
2. Phone Services and/or the Weld County Purchasing Department will process
approved requests for other types of personal computing devices, i.e.,
palmphones, LCD projectors, digital cameras, digital video cameras, etc.
2002-3099
PAGE 22 ORD2002-12
a. Prior to any purchase, the requesting department should obtain
Information Services approval on any digital device that will link or
communicate with personal computers or the Weld County network.
Information Services will ensure compatibility with existing standards and
plan network resource availability and/or capacity.
b. The response from Information Services will include the detailed items
that have been approved.
E. Any application software that will reside on the personal computing device should be
treated as a regular application software request to be reviewed by Information Services
and approved by the Information Services Governance Committee prior to being
purchased or implemented.
1. Any application software residing on the personal computing device must output
data in a format compatible with existing desktop application software standards.
F. If data related to Weld County business is created or updated on the personal
computing device, it is the user's responsibility to provide a backup of modified data or
ensure that it is copied back to their M: network drive where it is included in the
centralized backup process. Data on a desktop personal computer's local drive is not
backed up in the centralized backup process.
G. Personal Computing Device Standards
1. PDA type devices.
a. Devices running the Palm Operating system, which must also be
compatible with designated synchronization software.
1. Documents To Go software may be necessary to provide
compatibility with Microsoft Word and Excel.
b. Devices running the Microsoft Windows Pocket PC operating system,
which must also be compatible with designated synchronization software.
2. Software to synchronize GroupWise calendar.
a. IntelliSync version 5.x and higher, manufacturer Puma Technology.
3. Network client software must be compatible with currently established Weld
County network versions and protocols (when available).
a. Check with Information Services Department for current requirements.
Section 9-8-50. Exceptions.
The authority to approve exceptions to this Policy is delegated to the Director of Information
Services Department
2002-3099
PAGE 23 ORD2002-12
Section 9-8-60. Interpretation Contact.
Director of Information Services.
BE IT FURTHER ORDAINED by the Board that the Clerk to the Board be, and hereby
is, directed to arrange for Colorado Code Publishing to supplement the Weld County Code with
the amendments contained herein, to coincide with chapters, articles, divisions, sections, and
sub-sections as they currently exist within said Code; and to resolve any inconsistencies
regarding capitalization, grammar, and numbering or placement of chapters, articles, divisions,
sections, and sub-sections in said Code.
BE IT FURTHER ORDAINED by the Board if any section, subsection, paragraph,
sentence, clause, or phrase of this Ordinance is for any reason held or decided to be
unconstitutional, such decision shall not affect the validity of the remaining portions hereof. The
Board of County Commissioners hereby declares that it would have enacted this Ordinance in
each and every section, subsection, paragraph, sentence, clause, and phrase thereof
irrespective of the fact that any one or more sections, subsections, paragraphs, sentences,
clauses, or phrases might be declared to be unconstitutional or invalid.
The above and foregoing Ordinance Number 2002-12 was, on motion duly made and
seconded, adopted by the following vote on the 23rd day of December, A. D., 2002.
BOARD OF COUNTY COMMISSIONERS
WELD COUNTY, COLORADO
ATTEST:
Glenn Vaad, Chair
Weld County Clerk to the Board
David E. Long, Pro-Tem
BY:
Deputy Clerk to the Board
M. J. Geile
APPROVED AS TO FORM:
William H. Jerke
County Attorney
Robert D. Masden
First Reading: November 13, 2002
Publication: November 20, 2002, in the Tri-Town Farmer and Miner
Second Reading: December 2, 2002
Publication: December 11, 2002, in the Tri-Town Farmer and Miner
Final Reading: December 23, 2002
Publication: December 24, 2002, in the Tri-Town Farmer and Miner
Effective: January 1, 2003
2002-3099
PAGE 24 ORD2002-12
Hello