For Epic Cheers go-live support, please contact NYP IS at
nypres.service-now.com/nyp-portal
or 212-746-4357
Last Reviewed: July 11, 2024
Approval Date: March 24, 2026
Information Technology Resources and data constitute valuable Weill Cornell Medicine (WCM) assets. The use of these assets is constantly changing and evolving, and it is important that WCM articulate a clear statement regarding their appropriate use. This policy provides requirements for the responsible use of Information Technology Resources and data.
This policy applies to all WCM Workforce Members who utilize WCM Information Technology Resources as well as those responsible for managing and safeguarding WCM data.
All members of the Weill Cornell Medicine community are responsible for protecting the confidentiality, integrity, and availability of data created, received, stored, transmitted, or otherwise used by the college, or for college activities by authorized parties regardless of the medium on which the data resides and regardless of the format (e.g., electronic, paper, fax, or other physical form).
Departments are responsible for implementing administrative, operational, physical, and technical controls for access, use, transmission, and disposal of Weill Cornell Medicine data in compliance with all Weill Cornell Medicine policies, standards, procedures, and guidelines.
Weill Cornell Medicine expects community members, including but not limited to faculty, staff, and students, to use all Weill Cornell Medicine information technology resources and data in a manner that is legal, ethical, and consistent with the mission of education, research, and patient care.
All WCM Workforce Members are responsible for protecting the confidentiality, integrity, and availability of data created, received, stored, transmitted, or otherwise used by the college, or for college activities by authorized parties regardless of the medium on which the data resides and regardless of the format (e.g., electronic, paper, fax, or other physical form).
Departments are responsible for implementing administrative, operational, physical, and technical controls for access, use, transmission, and disposal of WCM data in compliance with all WCM policies, standards, procedures, and guidelines.
WCM expects Workforce Members to use all WCM Information Technology Resources and data in a manner that is legal, ethical, and consistent with the mission of education, research, and patient care.
Information Technology (IT) Resources are the computing systems, networks, software, data, and related services owned, managed, or provided by WCM to support clinical, research, educational, and administrative activities. This includes institutional devices, applications, accounts, and infrastructure used to access, process, store, or transmit institutional information.
Workforce Members: Faculty; Non-Faculty Academics; Staff; Students; Volunteers; and other persons whose conduct, in the performance of work for WCM, is under the direction and control of WCM, whether or not they are paid by WCM.
Acceptable use of WCM IT resources and data includes, but is not limited to, Workforce Members:
Unacceptable use of IT resources and data includes, but is not limited to, accessing or using WCM ITS resources without proper authorization, and/or any of the following:
All WCM Workforce Members are responsible for adhering to this policy. Failure to comply will be evaluated on a case-by-case basis and could lead to corrective action, up to and including termination, consistent with other relevant WCM and University Policies. Instances of non-compliance that potentially involve a lapse of professionalism may lead to engagement of the Office of Professionalism for evaluation and intervention.
Contact Information
Direct any questions about this policy, 500.01 – Responsible Use of Information Technology Resources, to the Chief Information Security Officer, using one of the methods below:
This policy was reviewed and approved by:
