Limitation of Liability for Non University Owned Data

Category: Operations
Number: OPS-080-025
Audience: All University employees
Revised: January 29, 2014
Owner(s): AVP (Information Services)
Approved by: VP (Administration)
Contact: Associate Vice-President (Information Services) - 306-585-5646

Introduction

This policy ensures the clear communication of the limitation of the University’s liability for damages incurred by a user resulting from the temporary or permanent loss of Non University Owned Data stored on or in, or transmitted by, University facilities.

In determining what constitutes Non University Owned Data, the University looks to The Local Authority Freedom of Information and Protection of Privacy Act (153 KB) pdf (the “Act”) for instruction. Under the Act, the University has duties and obligations relating to its records. The Act draws a distinction between records that constitute University records versus the private records of individuals at the University (Non University Owned Data).

Typically, the research and study notes, teaching materials, reports, manuscripts, publications and personal communications of employees and students are not subject to the Act. They are not deemed to be University records and are therefore Non University Owned Data (i.e. personal records), unless they were prepared under contract for the University or in the context of University administrative work.

If the user is a researcher, the ownership of his/her electronic data stored on the University system would be dependent on the contract of engagement. If he/she is being funded by the University and is performing research for the University, the data may be owned by the University. Contrarily, the arrangement may be akin to the intellectual property rights granted to academic members, which would mean that the data is owned by the researcher.

Data stored by students on the University system belong to the students, and not the University, unless the students were working on a research project for a professor or were engaged in University administrative duties.

Policy

Employees and students shall be advised of the limitation of the University’s liability they accept when they use University computer systems, storage systems, networks, communication services, or data management facilities and services for Non University Owned Data.

Consequences for Noncompliance

Individuals who store Non University Owned Data on the University system do so at their own risk. If an incident occurs resulting in the loss of data, individuals who have not backed up their Non University Owned Data may lose that data.

Processes

Once at the beginning of each semester, Information Services shall communicate the following notification to employees and students through an e-mail distribution list that does not permit individuals to unsubscribe. The following limitation of liability statement shall be used:

The University of Regina provides access to computing, network and information resource facilities to faculty, staff and students to facilitate their work at the University. Each individual bears the responsibility of ensuring a current offsite backup exists for all non University owned data that they have stored or use within the University of Regina computing, network and information resource facilities.   

Individuals are now made aware of the University of Regina’s limitation of liability with respect to non University owned data.

With respect to non University owned data (personally owned data, records or communications), users, by using the University’s computing, network or other information resource facilities or services including but not limited to computers, servers, and related storage devices (The Services) acknowledge and agree that neither the University of Regina nor any of the University’s governors, officers, employees, faculty members or representatives will be liable for any special, indirect, consequential, incidental, punitive or exemplary damages, or damages (including but not limited to damages for loss of profits or savings, loss or corruption of data, loss of use of data or a service, or loss of records) in connection with the user’s use of The Services whether arising out of contract, tort or other basis.

Should the user not agree with this stated limitation of liability the user is required to immediately discontinue use of The Services for non University owned data. The user is further required to immediately remove all non University owned data, records, and communications from The Services.

Please refer to university policy OPS-080-025 for additional information.

Related Information