Business Policies
The policies below outline the acceptable use of Merit Network facilities and services (Services), employment and human resources practices, peering connectivity, privacy protection, and more.
DOWNLOAD PDF VERSION

Revised to remove obsolete use of “affiliate”, 6 December 2013
Prior version, May 30, 2006

This Policy is a guide to the acceptable use of Merit Network facilities and services (Services). Any Member organization or individual connected to Merit’s network in order to use it directly, or to connect to any other network(s), must comply with this policy and the stated purposes and Acceptable Use policies of any other network(s) or host(s) used.

Each Member organization is responsible for the activity of its users (including guests and other temporary users) and for ensuring that its users are familiar with this policy or an equivalent policy. In addition, each Member is encouraged to maintain and enforce its own Acceptable Use policies. The provisions of this policy govern all use of the Services, including any unsupervised anonymous network access offered by Members.

The following guidelines will be applied to determine whether or not a particular use of the Services is appropriate:


  1. Users must respect the privacy of others. Users shall not intentionally seek information on, or represent themselves as, another user unless explicitly authorized to do so by that user. Nor shall Users obtain copies of, or modify files, other data, or passwords belonging to others.

  2. Users must respect the legal protection applied to programs, data, photographs, music, written documents and other material as provided by copyright, trademark, patent, licensure and other proprietary rights mechanisms.

  3. Users must respect the integrity of other public or private computing and network systems. Users shall not intentionally develop or use programs that harass other users or infiltrate any other computer, computing system or network and/or damage or alter the software components or file systems of a computer, computing system or network.

  4. Use should be consistent with guiding ethical statements and accepted community standards. Use of the Services for malicious, fraudulent, or misrepresentative purposes is not acceptable.

  5. The Services may not be used in ways that violate applicable laws or regulations.

  6. The Services may not be used in a manner that precludes or significantly hampers network access by others. Nor may the Services be used in a manner that significantly impairs access to other networks connected to Merit.

  7. Connections which create routing patterns that are inconsistent with the effective and shared use of the Services may not be established.

  8. Unsolicited advertising is not acceptable. Advertising is permitted on some Web pages, mailing lists, news groups and similar environments if advertising is explicitly allowed in that environment.

  9. Repeated, unsolicited and/or unwanted communication of an intrusive nature is strictly prohibited. Continuing to send e-mail messages or other communications to an individual or organization after being asked to stop is not acceptable.

The intent of this policy is to identify certain types of uses that are not appropriate, but this policy does not necessarily enumerate all possible inappropriate uses. Using the guidelines given above, Merit may at any time make a determination that a particular use is not appropriate.

Merit will not monitor or judge the content of information transmitted via the Services, but will investigate complaints of possible inappropriate use. In the course of investigating complaints, Merit staff will safeguard the privacy of all parties and will themselves follow the guidelines given in this policy and in Merit’s Privacy Policy. Merit will only release sensitive, confidential or personally identifiable information to third parties when required by law, or when in Merit’s judgment, release is required to prevent serious injury or harm that could result from violation of this policy.

Remedial Action

When Merit learns of possible inappropriate use, Merit staff will notify the Member responsible, who must take immediate remedial action and inform Merit of its action. Merit will assist the Member in identifying the nature and source of the inappropriate use and in implementing remedial action if requested. Provided the Member implements remedial action promptly, Merit will take no further action. If Merit is unable to contact the Member, or if the Member is unable to implement remedial action, Merit reserves the right to pursue remedial action independently. Wherever possible, Merit will pursue remedial action with the least impact to the overall service for the Member.

Should the situation be considered an emergency, and Merit deems it necessary to prevent further inappropriate activity, Merit may temporarily disconnect a Member from the network. An emergency is defined as: “Serious security incidents that require immediate attention to prevent harm to an individual, to protect information from loss or damage that would be difficult or impossible to correct or to deal with serious on-going denial of service attacks.”

If temporary disconnection is deemed necessary by Merit staff, every effort will be made to inform the Member prior to disconnection, and every effort will be made to re-establish the connection as soon as it is mutually deemed safe.

Any determination of inappropriate use serious enough to require disconnection shall be promptly communicated to every member of the Merit Board of Directors through an established means of publication.

DOWNLOAD PDF VERSION

Revised 31 January 2014 to incorporate Third-Party Connections Policy and more directly address economic development zones affiliated with Governing Members
Revised July 2013 to accommodate BTOP requirements
Prior policy October 2003

Merit Network was founded to advance the networking and research needs of its Governing Member institutions, public universities in Michigan. Merit’s Board of Directors has defined Merit’s mission to include provision of networking support to Michigan’s broader education community, as well as fostering economic development in Michigan. As such, Merit concentrates on the promotion and support of networking initiatives for Michigan’s educational, non-profit, research, healthcare and public service segments.

Merit’s general Member program serves non-profit organizations whose activities align with Merit’s mission as well as organizations that advance the networking, education and research needs of all of Merit’s Member institutions. Qualifying Merit Members include: private universities, K-20 schools and colleges, libraries, government agencies, health care organizations, and other non-profit organizations that support research and education, broadly defined.

Merit may provide network attachments to for-profit entities (FPE) with an educational or public service mission, including those that foster instructional, research and clinical activities benefiting education (e.g. for-profit schools or health care institutions). Merit also may serve FPEs that

  1. are engaged in research and technology transfer collaborations with Members to support education or research or to advance the scientific development of high-performance networking, or

  2. have facilities (and while located) in Michigan SmartZones, research parks or business incubators owned, operated or sponsored by, or in buildings owned or leased by, a Governing Member or a foundation of a Governing Member, or

  3. otherwise comport with provisions for Third-Party Connections.

Certain restrictions apply to the services provided by Merit to for-profit entities served in these circumstances:

  • Services provided must comport with the provisions for Third-Party Connections in the following section of this Policy;

  • Merit-provided Internet connectivity, Internet addresses and bandwidth may be used by the FPE solely for its own internal operating purposes specific to the subject facility location and may not be resold or reallocated by the FPE;

  • The FPE may not use “merit.edu” in its Internet domain naming conventions (e.g., for DNS, e-mail, websites);

  • The FPE may not put in place peering or cross-connections between Merit’s network and any other networks;

  • The FPE is subject to the Merit Acceptable Use Policy and other policies, including those of the Governing Member as applicable.

Merit operates certain network segments subject to the interconnection requirements of the Broadband Technologies Opportunities Program (BTOP). Merit will negotiate interconnection and service requests from any party on those network segments.

Provisions Regarding Third-Party Connections

“Third-party connections” are network connections provided by Merit Members to third-party organizations. Such connections are sometimes called “backdoor” connections. In a third-party connection, a Merit Member gives direct access to Merit’s network to a third-party organization having no direct business relationship with Merit and Merit is not specifically paid for the third-party organization’s use of the network. Except as outlined below such third-party connections are not allowed.

Direct network connections for third-party organizations are allowed if there is an explicit agreement between Merit and the Member providing the connection, or between Merit and the third-party organization. In some cases the Member or the third-party organization pays Merit a fee and the third-party organization becomes a Member. When the third-party organization becomes a Member and Merit is specifically paid for the attachment, the attachment is not a third-party connection. The fee that is paid is usually less than the amount that Merit would normally charge because:

  • The Member is providing some of the services that Merit would normally provide.

  • The Member is sharing its bandwidth and router with the third-party organization, so there are no new circuits or routers for Merit to monitor and manage.

  • Merit does not provide user support to the third-party organization.

Third-party connections are allowed under the following circumstances:

  • The connections are provided by Members for third-party organizations that occupy space in buildings that are owned or leased by the Member, OR;

  • The connections are provided by Members for third-party organizations that are wholly owned subsidiaries of the Member, OR;

  • The network access is temporary in nature. Temporary connections are connections that are shared rather than dedicated for use by a single individual or organization, an individual or organization is not normally connected for more than a 24 hour period, the user is not guaranteed to get the same IP address each time they initiate a new network access session, and there is no one domain name that can be used to identify different sessions.

“Third-party organizations” and “direct” vs. “indirect” network access are explained below.

Background of the Policy

All permanent connections to Merit are provided solely for the use and activities of the organization that has entered into a Member agreement with Merit. The network connectivity provided by that agreement is not to be extended to any other organizations for their use and activities without separate approval by Merit.

Direct vs. Indirect Attachments

Direct network access refers to a situation in which a computer or LAN at the third-party organization is linked to a network at a Member over a dedicated circuit. Indirect access refers to a situation in which someone gets network access by logging in to a host computer at a Member organization, and then has the ability to go outbound from that host computer onto the network. Direct access may violate the prohibition against third-party connections, but indirect access does not.

An example of indirect access is a Merit Member that supplies e-mail accounts on their computers to people who are not directly associated with their organization. Because this is indirect access, these people can send and receive e-mail over the Internet without violating the prohibition against third-party connections.

Determining Third-Party Organization Status

In some cases, it may not be clear if a given organization is part of a Member organization or if the organization is in fact a third-party organization and subject to these provisions for third-party connections. Merit uses two tests to help sort this out. First, who issues the paychecks to staff of the organization? Second, can the organization use the purchasing department of the Member? If the paychecks come from a Member or the organization can purchase through the Member’s purchasing department, the organization is considered part of the Member and not a third-party organization, and there is no problem about possible third-party organization connections. If the paychecks do not come from the Member and the organization cannot purchase through the Member’s purchasing department, the organization is considered a third-party organization and subject to the terms of this Policy.

If an organization is a federation of other organizations, the individual organizations are not considered third-party organizations for the purposes of this Policy. Examples would be an Intermediate School District (ISD) or a Library Cooperative. If such organizations make direct network access available to their member organizations (a member school district or a member library for the examples given), Merit would not consider that to be a third-party organization connection. However, the individual libraries or school districts may not call or receive support from Merit directly. Instead, they must work through the Member and the Member would work with Merit. Merit expects such federations’ members to be a well defined group of organizations, for example all community colleges or all schools and public libraries in a geographic region of Michigan. Merit expects such federations to make network access available only to organizations that are members of the federation, and will not allow this sort of network access from organizations that are formed for the sole purpose of obtaining network access from Merit contrary to this Policy.

In special circumstances Merit’s vice president for the network may determine that an organization that would normally be considered a third-party organization under this policy will not be considered a third-party organization, when treating the organization as a third-party would impose unusual or unfair costs or administrative burdens on a Member or Merit, or would encourage the deployment of inefficient network designs

Additional Considerations

When Members make third-party connections that are not temporary in nature available to third-party organizations the Member must inform Merit of the names of the third-party organizations and the circumstances under which the network connections are being provided.

When Members make network connections available to third-party organizations, the Member is responsible for the third-party organization’s use of the network, for ensuring that the third-party organization is familiar with Merit’s Acceptable Use policy, or equivalent policies, and for ensuring that the third-party organization follows these policies.

When Members make connections available to third-party organizations, the Member may charge the third-party organization no more than the actual cost of providing, using, and supporting the connection.

Before extending network access that includes access to Internet2 to third-party organizations, Members must ensure that the third-party organization is eligible to receive access to Internet2 under the rules established by the University Corporation for Advanced Internet Development (UCAID), possibly including the need to become a member of Internet2, having the third-party organization’s participation sponsored by a regular Internet2 member, and/or paying membership, participation, or other fees to UCAID.

Members that make direct network connections available to third-party organizations are strongly encouraged to assign separate ranges of IP addresses and distinct domain names for use by the third-party organizations so that it is clear when access originates from the Member and when it originates from the third-party organization. These IP address assignments should be registered with the appropriate agency and made available in the appropriate who-is database.

This policy pertains to access provided to organizations, rather than to access a Member may provide to individual guest users for a limited period.

Reporting

So that the Merit Board of Directors may be aware of third-party connections, Merit management will provide a report listing such connections to the Board at each Annual Meeting (January).

Questions and Comments

If you have questions about this policy or for more information, please contact your Member Relations Manager.

DOWNLOAD PDF VERSION

Revised 30 August 2013, to comport with ARIN policy and new Merit terminology for Members.
Prior policy, August 8, 2003

Background

Merit’s Internet addresses are used to provide networking services to those organizations served by Merit (its Members). These “legacy” addresses are subject to Merit’s Legacy Registration Services Agreement with ARIN, and to ARIN rules regarding their listing in the ARIN internet registry, their use, and their assignments or transfers.

Merit may allocate use of these addresses to its Members connected to its network, but the assignment of the addresses remains solely to and with Merit.

The guidelines for address allocation presented here are not intended to impede or prevent Merit Members from getting the addresses they need, but to guarantee sufficient resources for all Merit users.

Requesting Internet Addresses

Requests for Internet addresses should be accompanied by a six-month networking plan from the Merit Member making the request. Recommended information for a networking plan would include:

  • the number of hosts

  • the number of serial links

  • the number of LANs

  • the types of equipment

  • dates of projected implementation/deployment for each of the above

  • topology maps

Such information is needed for each point of attachment to Merit’s network.

Sites where fewer than 200 addresses are needed do not require a networking plan. Instead, a six-month address utilization projection for the site should be provided.

Requests of 200 to 2000 addresses for a single site must be accompanied by a written routing plan, including the projected utilization over six months time.

Requests for more than 2000 addresses require a conference with Merit Engineering to discuss the written networking plan and its implementation.

Conferences with Merit Engineering will also be required in instances of complicated routing and multiple attachments to Merit’s network, even when smaller address spaces are requested.

Agreement on a networking plan will result in address space distribution and routing announcement.

Requests for Additional Addresses

Every request for additional addresses requires a written networking plan and an assessment of the utilization of addresses currently held. Additional distributions will be made based on these criteria of planned need and current utilization.

Review of Address Utilization

The utilization of addresses received from Merit will be periodically reviewed. Merit may request the return of addresses that remain unused for a significant period of time (a year or longer).

Network Service Providers

Merit Members who are Network Service Providers (NSPs) should apply to Merit for addresses for their clients; a networking plan for each client should accompany each request.

New Members with Their Own Internet Addresses from ARIN

Merit Merit favors the utilization of addresses from the Merit space. Merit recommends that new Members with a block of addresses smaller than a /19 return the block to ARIN and obtain addresses from the Merit space in exchange.

DOWNLOAD PDF VERSION

Revised to remove obsolete use of “affiliate”, September 2013
Prior version, September 1998

Merit’s policy on packet filtering is designed to protect against IP address spoofing-that is, sending IP packets that use source addresses which are not assigned to the part of the Internet where the packets originate. We are asking Members with direct LAN attachments to Merit’s backbone routers to install packet filters in their own routers (see item #3 from policy). Questions regarding this policy should be directed to your Member Services Support Team.

Discussed and approved by the Merit Joint Technical Staff (MJTS) at their September 17, 1998 meeting.

  1. On tail routers at Member sites, Merit will install both the “self defense” and “good citizenship” packet filters. These filters will be installed at the router’s serial interface and will check the source IP addresses on both inbound and outbound packets. For packets going from Merit to the Member , Merit will reject packets that have a source address that is assigned to the Member as well as ICMP ping packets with a destination address that is the broadcast address. For packets going from the Member to Merit, Merit will reject packets that do NOT have a source address that is assigned to the Member as well as ICMP ping packets that have a destination address that is the broadcast address.

  2. In cases where Member LANs are connected directly to a Merit’s backbone router, Merit will install both the “self defense” and “good citizenship” packet filters on the LAN interface.

  3. In cases where Member LANs are directly connected to a backbone router AND the backbone router is used to route traffic between the organization’s sub-networks, it will not be possible to install the “self defense” packet filters. In these cases the Member should install the filters on their own routers or contact Merit to develop alternatives.

  4. The packet filters that will be installed by Merit provide protection at the gateway that connects a Member organization. We encourage Members to seriously consider installing similar packet filters on their own internal routers. For large organizations, installing filters that protect smaller portions of their networks is likely to be much more effective than filters which are designed to protect the network as a whole.

  5. From time to time Merit is asked to install specific packet filters by a Member. These filters are often related to network security in some way. In general we discourage Members from using these sorts of non-standard filters in routers managed by Merit, since it is not considered good practice to depend on an outside party such as Merit to implement an organization’s internal security policies. However, while we continue to discourage the use of non-standard filters, Merit will install non-standard packet filters on tail routers managed by Merit at a Member’s site on request. There will be a fee of $100 a month to install and maintain these non-standard filters. There will be an additional consulting fee of $75 per hour if the Member needs help in designing or specifying these non-standard filters. Merit will NOT install non-standard filters on backbone routers.

Policy Explanations

Merit installs route filters that prevent a Member from announcing routes for IP addresses that they do not own. While route filters are very useful, they do not protect against the same problems that packet filters do.

Packet filters will help do two things:

  • Protect our Members from “bad” packets that originate elsewhere; and

  • Protect others from “bad” packets that originate at one of our Members.

Thus we have both “self defense” and “good network citizenship” as motives for doing this work.

The “self defense” filters do not prevent spoofing of all Internet addresses, only those of the Member IP addresses, and then only within their own network. In fact, all they protect against is attacks on machines that use local source IP addresses to authenticate (some UNIX systems with rlogins and rsh enabled, some X Windows servers, …). Thus, “self defense” filters prevent your own IP addresses from being used against you from outside of your network, but they do NOT prevent someone else’s IP addresses from being used against you nor do they prevent your own IP addresses from being used against you from within your own network.

“Good citizenship” filters protect more broadly, but will only be 100% effective only if these filters are installed everywhere throughout the entire Internet.

Merit will do the following under its IP Address Spoofing Filters Policy:
Tail Routers
Self Defense:
Yes
Good Citizen:
Yes
Non-standard:
Reluctantly, for an extra charge
Backbone Routers
Self Defense:
Yes
Good Citizen:
Yes
Non-standard:
No

 

DOWNLOAD PDF VERSION

June 27, 2013

Merit Network employs standard best effort Internet delivery policy to ensure that any organization, institution or entity connected, directly or indirectly, to Merit’s fiber backbone may exercise choice in lawful Internet content, web-based application and use of Merit or competitor service, including any device which is not harmful to the network. All of the preceding is subject to the needs of law enforcement. Merit Network does not favor any lawful Internet applications or content over others, and is committed to enabling competition among network providers, application and service providers, and content providers.

Merit Network manages its layer 3 network with network-neutral, best-effort practices that
satisfy non-discrimination and interconnection obligations. During weekly meetings, Merit engineers
review proposed changes to the network infrastructure to ensure that network availability will not be compromised and to confirm that networking standards and best practices are followed. Emergency network change
requests and network maintenance proposals undergo a strict network design review to ensure the integrity of the network and to preserve the neutral network environment.

Merit Network offers interconnection wherever technically feasible on reasonable rates and terms to be reached upon negotiation in good faith with requesting parties. Merit’s network management policies prohibit the discrimination of legitimate or legal use of network capacity bandwidth by application, source or use of the network.

For organizations that subscribe to MeritMail, Merit Network may employ filtering for SPAM and viruses
on email sent to the subscribing organizations. Merit Network does not limit or impose any limitations
on users at subscribing organizations to lawfully possess, use, or distribute Internet content.

DOWNLOAD PDF VERSION

Revised to remove obsolete use of “affiliate”, 6 December 2013
Prior version, February 27, 2002

Purpose

This policy informs network users what sensitive, confidential, or personally identifiable information is collected by Merit Network, Inc. (Merit), how long that information is kept, what the collected information is used for, what protections are in place to safeguard the information from inappropriate use or release, and under what circumstances the collected information may be released to third parties.

Philosophy

Merit is committee to protecting the privacy of all users of its networks, host computers, products, and services. Merit wants to contribute and to help others contribute to providing a safe and secure environment for all network users. Merit will always operate its networks, host computers, other systems, products, and services in ways that allow Merit and its Members to follow applicable laws and regulations regarding privacy and the collection, storage, and release of sensitive, confidential, or personally identifiable information.

To the greatest degree possible, Merit acts as the temporary custodian rather than the owner of information that passes across the networks and systems that it operates. Merit’s Members and other users are almost always in a better position than Merit to make decisions about the disclosure of information to third parties and the laws and regulations (e.g., FERPA, HIPAA, ECPA, Michigan’s Library Privacy Act-see below for more information) that may prohibit or allow such disclosure.

Merit is subject to and this privacy policy is based on the terms of the Merit Acceptable Use Policy which states in part that:

Users must respect the privacy of others….

and

Merit will not monitor or judge the content of information transmitted over Merit’s network, but will investigate complaints of possible inappropriate use. In the course of investigating complaints, Merit staff will safeguard the privacy of all parties and will themselves follow the guidelines given in this [Acceptable Use] policy. Merit will only release sensitive, confidential or personally identifiable information to third parties when required by law or when in Merit’s judgment release is required to prevent serious injury or harm that could result from violation of this [Acceptable Use] policy.

Scope

This policy applies to all sensitive, confidential, or personally identifiable information that is or can be collected from networks, host computers, or other equipment or systems provided, managed and controlled by Merit or by organizations performing work on Merit’s behalf.

More specific privacy policies or statements may exist for specific host computers, systems, products, or services provided, managed, and controlled by Merit. When such privacy policies or statements exist, they will be consistent with this policy.

This policy does not apply to networks, host computers, other equipment, or systems that are managed or controlled by Merit’s Members or other parties, unless those parties are performing work on Merit’s behalf.

This policy does not apply to networks, host computers, other equipment, or systems that are managed by Merit on behalf of another party. In such cases the labeling, banners, domain names assigned, and other written information should make it clear who is responsible for privacy policy decisions related to information collected and stored on these networks, host computers, and systems. Parties for whom Merit manages networks, host computers, other equipment, or systems are encouraged to develop and post their own privacy policies. When no such specific privacy policy exists, Merit will follow the rules and procedures given in this policy; however, the parties for whom Merit manages the networks, host computers, other equipment, or systems are not governed or bound by Merit’s Privacy Policy.

Sensitive, Confidential, or Personally Identifiable Information

For the purposes of this policy, confidential information is information that Merit will not reveal to third parties or will only reveal to third parties under conditions outlined in this policy. The expectation of confidentiality may arise from a written non-disclosure agreement, contract, or other agreement with Merit, or through requirements imposed by laws or regulations. The Merit Acceptable Use Policy and this Privacy Policy establish an expectation of confidentiality as well as bounds for that expectation between Merit and its Members and other users of Merit’s facilities, products, and services.

Sensitive information is information for which it is not possible to determine if the information should be considered confidential without additional context. Such additional contextual information may be available to the individuals or organizations that send or receive the information, but is usually not available to Merit. Sensitive information is also information that may not be confidential by itself, but which may become confidential when found or used in a particular context or when combined with other information. For example, the amount of data sent or received by a single site attached to Merit is not considered confidential, but the amount of data sent or received between two sites is considered confidential. Because sensitive information may be confidential, Merit gives sensitive information a very high degree of privacy protection and will not release this information to third parties except as allowed by the Merit Acceptable Use Policy and this Privacy Policy.

Personally identifiable information is information that could be used directly or indirectly to identify the individual who is the subject of the information. Information is personally identifiable if a recipient of the information could use the information alone, or in combination with other information, to identify an individual. Without specific evidence to the contrary, information that includes one or more of the following items must always be considered personally identifiable: name; address, including street address, city, county, zip code, or equivalent geocodes; names of relatives and employers; birth date; telephone and fax numbers; e-mail addresses; social security number; other identification numbers such as medical record numbers; health plan beneficiary numbers; account numbers; certificate/license numbers; any vehicle or other device serial numbers; web URL; Internet Protocol (IP), ethernet, and other network media addresses; Internet domain names; finger or voice prints; photographic images; and any other unique identifying numbers, characteristics, or codes (whether generally available in the public realm or not) that may be available to recipients of the information. Merit gives personally identifiable information a very high degree of privacy protection and will not release this information to third parties except as allowed by the Merit Acceptable Use Policy and this Privacy Policy.

What Information Is and Is Not Collected, How It Is Used, and How Long It Is Kept

Merit automatically gathers certain information about the usage of or access to Merit’s networks, Web sites, Web caches, File Transfer (FTP) sites, Network News and other servers. For example the information gathered may include the number and frequency of visitors to a site, the links that referred a user to a site, the pages and files accessed, the type of browser used, the screen resolution, or the amount of traffic sent and received over segments of the networks Merit operates. Merit only uses and keeps such data in the aggregate, but may hold more detailed information for brief periods of time while the aggregate reports are being produced. This aggregate data is not considered to be confidential and is kept indefinitely. This aggregate data helps Merit determine how its sites, networks, and services are used, so Merit can improve its sites, networks, and services or make projections of future growth. In some cases, the information gathered may be used to bill a Member or to establish the rate that a Member should pay.

Merit collects information about each Merit shared dial-in session, including the AccessID used to authorize the dial-in session, the name of the Network Access Server (NAS) and port that answered the call, the phone number called (not always available), the phone number that originated the call (not always available), the IP address assigned to the dial-in session, the date and time when the dial-in session started, its duration, and the total number of packets and bytes sent and received during the session. This information is kept indefinitely. The collected information is used to produce aggregate network usage reports, to support billings for surcharged network services, to investigate and troubleshoot the operation of the dial-in network, to investigate complaints about possible network abuse and violations of the Merit Acceptable Use Policy, and occasionally to respond to warrants, subpoenas and other court orders. Merit does not collect information about what was done or what sites were visited during the dial-in session.

Merit collects information about uses or logins to certain host computers operated by Merit, including the Login ID used to authorize the session, the name of the host computer being accessed, the IP address used for access to the host computer, the date and time when a session started, its duration, and the total number of packets and bytes sent and received during the session. This information is kept indefinitely. The collected information is used to produce aggregate network usage reports, to support billings for network services, to investigate and troubleshoot the operation of the host computer or the networks to which the host computer is attached, to investigate complaints about possible network abuse and violations of the Merit Acceptable Use Policy, and occasionally to respond to warrants, subpoenas and other court orders. Merit does not collect detailed information about what was done during a session.

Merit may specifically ask for or receive information about individuals when they sign up to use a particular service, participate in an on-line e-mail list, forum or course, provide information via a Web form or similar input process at a Web site, attend a conference or other event, ask a question, or request information. In these cases Merit needs the information — such as an individual’s name or other identifier, e-mail address, history of course or learning experience, billing address, or credit card number — in order to provide the requested service. The length of time that such data is kept will vary depending on the purpose for which it was gathered.

Merit may collect or examine information carried in the user data portion of network packets when troubleshooting certain types of network malfunctions, when investigating possible violations of the Merit Acceptable Use Policy, or occasionally as required by law, but Merit does not routinely collect or examine this information.

Merit may collect or examine information such as the source and destination IP addresses carried in the headers of network packets when troubleshooting certain types of network malfunctions, when investigating possible violations of the Merit Acceptable Use Policy, or occasionally as required by law, but other than the aggregate statistical information described earlier, Merit does not routinely collect this information.

Merit Members may request assistance from Merit in troubleshooting certain types of network malfunctions or in investigating possible violations of the Merit Acceptable Use Policy or the Member’s own policies. With the advance written approval of an official representative of the Member, Merit may elect to collect sensitive, confidential, or personally identifiable information. All of the information to be collected must be related to the use of networks, hosts, or other systems that belong to or involve products or services provided by Merit to the Member.

Sensitive, confidential, or personally identifiable information collected when troubleshooting network malfunctions is kept only as long as necessary to resolve the problem. Sensitive, confidential, or personally identifiable information collected when investigating possible violations of the Merit Acceptable Use Policy are kept until the investigation is complete and may be kept indefinitely when it shows actual violations of the Merit Acceptable Use Policy.

Merit does not gather information about the sites visited by individuals or the detailed network usage patterns of individuals or organizations, other than the aggregate statistical information and information about visits to sites and services operated by Merit described earlier.

Merit web sites may use cookies to preserve user information between web pages in order to provide a usable user interface. Merit web sites may use cookies to restore user-selected preferences at future visits. Merit web sites will not attempt to read any non-Merit session cookies stored on a user’s computer.

A user may decline to use cookies and will still be able to access most parts of Merit web sites. Portions of the Merit web site that require authentication will not be available if cookies are disabled.

Disclosure

Merit never sells, lends, or leases sensitive, confidential, or personally identifiable information to third parties.

Merit will not share or disclose sensitive, confidential, or personally identifiable information to third parties unless required to do so by law or when in Merit’s judgment release is required to prevent serious injury or harm that could result from violation of the Merit Acceptable Use Policy. Unless prohibited by law or in cases of extreme emergency where any delay in releasing information will increase the risk of serious injury or harm, Merit will inform and consult with the official representatives of the Members involved in writing before releasing sensitive, confidential, or personally identifiable information to third parties. An extreme emergency is a situation where attempts to contact the Member involved have been unsuccessful and any further delay in providing information to a third party is very likely to result in serious injury, death, or other similar, serious harm to individuals.

When disclosure is required by law, Merit will allow the Member involved to participate in discussions with and make arguments to the court or agency requiring disclosure when such participation is permitted by the court, agency, or relevant law. Unless prohibited by law, when Merit is not able to inform and consult with the Members involved before releasing sensitive, confidential, or personally identifiable information to third parties, Merit will inform the Members involved as soon as possible after the fact.

Merit may elect to share sensitive, confidential, or personally identifiable information with the official representatives of its Members, but only when all of the information to be shared relates to use of networks, hosts, or other systems that belong to or involve products or services provided by Merit to the Member.

Merit may elect to share aggregate statistical information that is based on or derived from sensitive, confidential, or personally identifiable information so long as the aggregate information when used alone or when combined with other information is no longer confidential or sensitive and will not reveal the activities of or information about individuals or detailed information about organizations.

Merit may elect to engage in collaborative research projects that use sensitive, confidential, personally identifiable, or aggregate statistical information subject to the safeguards outlined below. Such use will always be limited to the minimum information necessary to meet the needs of the research project and Merit staff will maintain control over any sensitive, confidential, or personally identifiable information used.

Some personally identifiable information that individuals or organizations furnish to Merit may be disclosed as a normal part of the use of that information. For example, the names and e-mail addresses of individuals subscribed to some of the public e-mail lists that Merit operates are available to the public or to other list subscribers or become known to list subscribers when messages are posted to the list, or the name and work phone number of an official representative of Merit’s Members may be shared with third parties seeking assistance or reporting problems.

Safeguards

Merit strives to operate its networks, host computers, and other systems in a professional and secure manner and to do business with other organizations that do the same.

Staff are made aware of this policy and the Merit Acceptable Use Policy when they are hired. Staff are reminded of both policies periodically. Staff who violate this policy or the Merit Acceptable Use Policy are subject to disciplinary action up to and including dismissal. Merit and the individual(s) involved may also be subject to sanctions and penalties as provided by law.

Access to sensitive, confidential, or personally identifiable information is limited to staff with a need to access or use the data. Appropriate security, including physical security, is in place to prevent inappropriate or accidental access or release. When appropriate, stored data may be encrypted to provide additional protection. Care is taken that information is not inadvertently kept for much longer periods than intended as part of automatic disk or other backup procedures.

Staff engaged in troubleshooting and repairing networks, host computers, or other facilities and services may occasionally find it necessary to or may inadvertently gain access to or view small amounts of sensitive, confidential, or personally identifiable information. Any more extensive, routine, or long term logging or monitoring of sensitive, confidential, or personally identifiable information required for troubleshooting or repair must be approved in writing in advance by Merit management. An official representative of the Member involved will be informed in writing when such logging or monitoring is taking place.

All disclosures of sensitive, confidential, or personally identifiable information to third parties require the approval of at least two staff members, one of whom must be a Director at Merit or Merit’s President. Exceptions to this provision can only be made in cases of extreme emergency when attempts to contact senior Merit management have failed and further delay is likely to result in serious injury or harm as outlined above.

Merit limits the amount of sensitive, confidential, or personally identifiable information that it keeps as well as the length of time that such data is kept. When IP addresses or domain names that are or could become personally identifiable when combined with other information must be kept for longer periods of time, Merit anonymizes the information that is kept so that the information is still useful for statistical and other forms of analysis, but it can no longer be used to identify the activities of individuals.

When sensitive, confidential, or personally identifiable information is used as part of a research project, the project must be reviewed and approved by the relevant Human Subjects Institutional Review Board (IRB) or there must be a written statement from the IRB stating that the project is exempt from further IRB review.

When sensitive, confidential, or personally identifiable information is used as part of a research project that includes researchers from organizations other than Merit, there is a written agreement between the research project and Merit that specifies in detail how the information may and may not be used, and how it will be protected. Agreements will be tailored to the needs of individual projects, but would typically include requirements that researchers:

  • limit use of the information to the specific purposes of the research project,

  • limit use to packet header information only,

  • allow no use of the user data portion of any network packets,

  • restrict access to the information to only those individuals that are part of the research project and who have been made aware of the agreement and the sensitive nature of the data,

  • safeguard the data to prevent its inadvertent disclosure,

  • anonymize all data that will be kept for more than a specified period of time (from a few hours to several days, but not weeks or months) by discarding the user data portion of the packets and at least the last eight bits of all IP addresses and preferably all of the bits in the non-network portion of an address that are not on a list of IP addresses that has been reviewed and approved by Merit as posing no risk of identifying the actions of individuals as soon as is practical (within a few hours to a few days),

  • keep data that has not been anonymized including copies of data made as part of disk or other backup procedures only as long as necessary (generally no longer than a few days without specific written permission from Merit),

  • return or destroy all sensitive data at the conclusion of the research project,

  • limit formal and informal publication of the research results so that the activities of specific individuals or organizations are not disclosed,

  • warrant that all required IRB approvals have been obtained, or will be obtained before any personally identifiable information is used and that all required IRB approvals will be maintained and renewed as necessary or access to and use of personally identifiable information will cease,

  • allow Merit staff to review information that is to be published in advance to ensure that this agreement has been followed, and

  • acknowledge that the information remains Merit’s property, that only Merit may authorize additional access to or release of the information, and that all requests for access to or disclosure of the information will be immediately forwarded to Merit.

Disclosure as Required or Prohibited by Law

Through warrants or other court orders, subpoenas, or other requirements of law, Merit may be required to gather and/or release information including sensitive, confidential, or personally identifiable information that would otherwise not be subject to release under the Merit Acceptable Use Policy or this Privacy Policy. When Merit receives such requests to release information, an official representative of the Member involved will be notified of the request and given an opportunity to contest the release of information when such notification is not prohibited by the warrant, order, or subpoena. When such advance notification is prohibited, Merit will notify an official representative of the Member of the release of information as soon as such notification is allowed.

A number of laws prohibit Merit from gathering or releasing certain types of information or specify the conditions that must exist and the procedures that must be followed when certain types of information are gathered or released. Laws and regulations also provide privacy protection to and impose privacy protection requirements on individuals and organizations for certain types of information. Merit will itself follow the requirements imposed by law and regulation and will to the greatest extent allowed or required by law or regulation give an official representative of the Member involved advance notice of and an opportunity to be heard on any request for release of information as described above.

The federal, state, and other laws and regulations that govern the release of information are complex and it is not possible to outline all of the considerations that might apply without reference to a particular context and set of facts. However, some of the laws and regulations that are most likely to apply to electronic communication over Merit’s network are listed below:

  • Wire And Electronic Communications Interception And Interception Of Oral Communications, U.S. Code Title 18, Chapter 119, which states in part:

    Sec. 2511(3) … a person or entity providing an electronic communication service to the public shall not intentionally divulge the contents of any communication (other than one to such person or entity, or an agent thereof) while in transmission on that service to any person or entity other than an addressee or intended recipient of such communication or an agent of such addressee or intended recipient.


  • Electronic Communications Privacy Act (ECPA), U.S. Code Title 18, Chapter 121 – Stored Wire And Electronic Communications And Transactional Records Access, which states in part:

    Sec. 2702(a) (1) a person or entity providing an electronic communication service to the public shall not knowingly divulge to any person or entity the contents of a communication while in electronic storage by that service; and (2) a person or entity providing remote computing service to the public shall not knowingly divulge to any person or entity the contents of any communication which is carried or maintained on that service ….


  • Family Educational Right to Privacy Act (FERPA), U.S. Code Title 20, Chapter 31, Part 4, Sec. 1232(g), which governs “… the release of education records (or personally identifiable information contained therein other than directory information, …) of students without the written consent of their parents ….”

  • Michigan’s Library Privacy Act, MCL 397.601-606, which exempts library records from disclosure under Michigan’s Freedom of Information Act (FOIA) and also states in part:

    Sec. 3(2): Unless ordered by a court after giving the affected library notice of the request and an opportunity to be heard on the request, a library or an employee or agent of a library shall not release or disclose a library record or portion of a library record to a person without the written consent of the person liable for payment for or return of the materials identified in that library record.


  • Michigan’s Freedom of Information Act (FOIA), MCL 15.231-246, which sets requirements for the disclosure of public records by all “public bodies” in Michigan. Exempt from disclosure under section 13(1) of the Act is:

    (a) Information of a personal nature where the public disclosure of the information would constitute a clearly unwarranted invasion of an individual’s privacy,

    and

    (d) Records or information specifically described and exempted from disclosure by statute.

Responsibilities of Others

Because the networks, host computers and other systems managed and controlled by Merit are only some of the networks, host computers, or systems that will carry a user’s or organization’s data when they use the Internet, the privacy of sensitive, confidential, or personally identifiable information is often beyond Merit’s control. In the final analysis Members must understand that they and their users assume substantial responsibility for the security of their information.

Merit strongly urges that particular care be taken to protect any passwords that are used. Passwords should not be divulged to anyone. Members should caution users to always log out of browsers or other online applications at the end of each computer session to ensure that others cannot access their personal information and correspondence, especially if they share a computer with someone else or are using a computer in a public place like a library, school computer laboratory, or Internet cafe. The use of network applications such as ssh and PGP that encrypt data that is sent over the network should be considered and is encouraged.

Members should instruct users that when communicating with others online and disclosing personal information such as their actual name, e-mail address, on a web page, in a newsgroup, chat room, forum, or in an e-mail message, that information may be collected and used by others in ways that they did not intend or approve. Care should always be exercised when disclosing confidential, sensitive, or personal information either electronically or by more traditional means.

Changes to this Policy

Any changes to this policy or the Merit Acceptable Use Policy must be approved by the Merit Board of Directors. If either policy is changed, Merit will post the revised policy on its Web site (www.merit.edu) and elsewhere. Because these policies may be updated from time to time, it is the responsibility of the Member or user to check and review the policies periodically.


Employment Policies
The policies below outline Merit’s employment and human resources related practices.
DOWNLOAD PDF VERSION

1.0 – Nondiscrimination and Affirmative Action

Merit Network as an equal opportunity/affirmative action employer, complies with all applicable federal and state laws regarding nondiscrimination and affirmative action. Merit Network is committed to a policy of equal opportunity for all persons and does not discriminate on the basis of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, height, weight, or veteran status in employment. Inquiries or complaints may be addressed to the EEO Compliance Officer at Merit’s offices located at 1000 Oakbrook Dr., Suite #200 Ann Arbor, MI 48104, 734-527-5700.

Issued: 07/01/12 Revised:

Merit Network – Policies & Procedures Section: EEO/Affirmative Action Policy


1.1 – Non-Discrimination Policy

Merit Network, in its employment and human resource policies and practices, will not discriminate against any individual because of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, height, weight, or veteran status, except as allowed by the need for bona fide occupational qualifications. Reasonable accommodation will also be provided to persons with disabilities, to disabled veterans, and to accommodate religious practices.

Issued: 07/01/12 Revised:

Merit Network – Policies & Procedures Section: EEO/Affirmative Action Policy

DOWNLOAD PDF VERSION

1.2 – Sexual Harassment

It is the policy of Merit Network (Merit) to maintain a work environment free of sexual harassment for staff. Sexual harassment is contrary to the standards of Merit. It diminishes individual dignity and impedes equal employment opportunities. Sexual harassment is a barrier to fulfilling Merit’s research and service mission. It will not be tolerated at Merit. Sexual harassment violates Merit’s policy against discrimination on the basis of sex. Sexual harassment is also illegal. It is prohibited in the employment context by Title VII of the 1964 Civil Rights Act and by Michigan’s Elliott-Larsen Civil Rights Act, adopted in 1976.

A claim under this policy may be brought by Merit’s staff or member of the Merit Community based on the conduct of any Merit employee. Retaliation will not be tolerated at Merit. Sexual harassment can be a very serious matter having far-reaching effects on the lives and careers of individuals. Intentionally false accusations can have similar impact. A person who knowingly and intentionally files a false complaint under this policy is subject to discipline. Both a person who sexually harasses another and a person, who knowingly and intentionally files a false complaint under this policy, are subject to discipline.

An individual may engage in conduct of a sexual nature that may not be sufficiently severe, persistent or pervasive to constitute sexual harassment as described below, but is nonetheless inappropriate. Such conduct also will not be tolerated by Merit, is prohibited by Merit and is subject to discipline, up to and including, termination of employment.

DEFINITION OF SEXUAL HARASSMENT

For the purposes of determining whether a particular course of conduct constitutes sexual harassment under this policy, the following definition will be used:

Unwelcome sexual advances, requests for sexual favors, and other verbal or physical conduct of a sexual nature constitute harassment when:

(1) submission to such conduct is made either explicitly or implicitly a term or condition of an individual’s employment or participation in a Merit activity;

(2) submission to or rejection of such conduct by an individual is used as the basis for or a factor in decisions affecting that individual’s employment or participation in a Merit activity; or

(3) such conduct has the purpose or effect of unreasonably interfering with an individual’s employment or performance or creating an intimidating, hostile, offensive, or abusive environment for that individual’s employment or participation in a Merit activity. Some examples of conduct that may constitute sexual harassment include, but are not limited to:

Unwanted sexual statements – sexual or “dirty” jokes, comments on physical attributes, spreading rumors about or rating others as to sexual activity or performance, talking about one’s sexual activity in front of others, and displaying or distributing sexually explicit drawings, pictures and/or written material.

Unwanted sexual statements can be made in person, in writing, electronically (email, instant messaging, blogs, web pages, etc.), and otherwise.

Unwanted personal attention – letters, telephone calls, visits, pressure for sexual favors, pressure for unnecessary personal interaction, pressure for dates where a sexual/romantic intent appears evident but remains unwanted, and stalking.

Unwanted physical or sexual advances – touching, hugging, kissing, fondling, touching oneself sexually for others to view, sexual assault, intercourse, or other sexual activity.

Conduct alleged to be sexual harassment will be evaluated by considering the totality of the particular circumstances, including the nature, frequency, intensity, location, context, and duration of the questioned behavior. Although repeated incidents generally create a stronger claim of sexual harassment, a serious incident, even if isolated, can be sufficient.

This policy addresses intentional conduct. It also addresses conduct which results in negative effects even though such negative effects were unintended. Sexually-related conduct forms the basis of a sexual harassment claim if a reasonable person, in view of all the surrounding circumstances, would consider it sufficiently severe, persistent or pervasive as to interfere unreasonably with employment performance or participation in a Merit activity.

Sexual harassment most often occurs when one person has actual or apparent power or authority over another; however, it may also occur between individuals of equal status or rank within Merit. It is also possible for a person who is not in a position of power or authority over another to sexually harass that person, such as a supervisor being sexually harassed by a supervisee. Sexual harassment occurs between persons of the same gender and persons of different genders.

Alleged discriminatory behavior that does not include conduct of a sexual nature is not covered by this policy; however, the discriminatory conduct is addressed by other Merit policies prohibiting discrimination (e.g., sex, gender identity, gender expression, sexual orientation, etc.). In some cases, an individual may allege there has been discriminatory action in addition to unwelcome conduct of a sexual nature. In these instances, the matter is assessed under the policy prohibiting the type of discrimination alleged as well as this sexual harassment policy and any other applicable Merit policy.

CONSENSUAL RELATIONSHIPS

Merit’s nepotism policy precludes individuals from evaluating the work performance of others with whom they have intimate familial or close personal relationships, or from making hiring, salary, or similar financial decisions concerning such persons, without prior written approval. Issues of nepotism are addressed under Appointment of Relatives and Others with Close Personal or External Business Relationships.

RESPONSE AND PROCEDURES

Prevention and Education. Merit is committed to preventing and eliminating sexual harassment of staff. To that end, this policy will be published on Merit’s Web site. Information regarding sexual harassment and this policy will be included in orientation materials for staff and made available in the Office of EEO Compliance Officer and other appropriate locations. In addition, appropriate educational sessions will be conducted by Merit on an ongoing basis to (1) inform staff about identifying sexual harassment and the problems it causes, (2) train personnel in the administration of this policy.

Assistance with Sexual Harassment Concerns. The EEO Compliance Officer is responsible for ensuring and monitoring Merit’s compliance with federal and state nondiscrimination laws. However, a discrimination-free environment is the responsibility of every member of the community. Merit can take corrective action only when it becomes aware of problems. Therefore, Merit encourages persons who believe that they have experienced or witnessed sexual harassment to come forward promptly with their inquiries, reports, or complaints and to seek assistance within Merit. Individuals also have the right to pursue a legal remedy for sexual harassment in addition to or instead of proceeding under this policy.

Confidential Counseling. Information about or assistance with sexual harassment issues may be obtained from a variety of Merit resources. Prior to or concurrent with lodging a sexual harassment complaint, individuals may find it helpful to consult with a counselor or otherwise seek assistance. The following offices provide advice and support to individuals who believe they are experiencing sexual harassment. All information shared with these offices will remain confidential to the extent permitted by law and Merit policy. Discussions with representatives of these offices will not be considered a report to Merit regarding the problematic behavior and will not, without additional action by the complainant, result in intervention or corrective action.

FASAP – Faculty and Staff Assistance Program (734) 936-8660

SAPAC – Sexual Assault Prevention and Awareness Center (734) 998-9368

Lodging a Complaint. An individual may complain to Merit about alleged sexually harassing behavior or retaliation by contacting the EEO Compliance Officer or such officials as a Supervisor; Director or department head; or the appropriate Human Resources Office. In addition, any member of the Merit community may utilize appropriate internal and external resources for guidance and support during the investigation process.

Investigation and Investigation Procedures. Merit will handle sexual harassment complaints consistently with procedural guidelines developed to ensure prompt and equitable resolution of such complaints. Complainants and Respondents will be given copies of the procedural guidelines, and the guidelines will also be made readily available to the Merit community. The matter will then proceed to investigation or other form of effective and fair review. The purpose of an investigation, which will include interviewing the parties and witnesses, is to gather and assess evidence. During the course of an investigation, the investigating office will work collaboratively with other appropriate offices.

Possible outcomes of an investigation are (1) a finding that the allegations are not warranted or could not be substantiated, (2) a finding that the allegations are substantiated and constitute sexual harassment or inappropriate behavior and, if so, (3) referral to the appropriate administrative authority for corrective action.

Corrective Action. Corrective action could include a requirement not to repeat or continue the harassing or retaliatory conduct, a reprimand, denial of a merit pay increase, reassignment, suspension and termination. The severity of the punishment will depend on the frequency and severity of the offense and any history of past discriminatory or retaliatory conduct. A finding of sexual harassment may be cause for the separation of the offending party from Merit, in accordance with Merit procedure. Every effort will be made to assure Merit-wide uniformity of sanctions for similar offenses.

Merit Action. Merit may assume the role of a complainant and pursue a report or complaint of sexual harassment, either informally or formally. Merit may respond to complaints or reports by persons external to the Merit community about alleged sexually harassing conduct by Merit employees.

Reporting Requirements. To assure Merit-wide compliance with this policy and with federal and state law, the EEO Complainance Officer must be advised of all reported incidents of sexual harassment and their resolution. The EEO Compliance Officer will monitor repeated complaints within the same unit or against the same individual, where identified, to assure that such complaints are appropriately handled.

Retaliation. Merit will take appropriate steps to assure that a person who in good faith reports, complains about, or participates in an informal resolution or formal investigation of a sexual harassment allegation will not be subjected to retaliation. Merit also will take appropriate steps to assure that a person against whom such an allegation is made is treated fairly. Merit will also take appropriate follow-up measures to assure the goals of this policy are met. Persons who believe they are experiencing retaliation are strongly encouraged to lodge a complaint with Merit using the same procedure for lodging a sexual harassment complaint.

Issued: 07/01/12
Revised:
Merit Network – Policies & Procedures
Section: EEO/Affirmative Action Policy

DOWNLOAD PDF VERSION

1.3 – Individuals with Disabilities
I. Purpose:

To affirm and describe Merit Network’s (Merit) commitment to the principles of equal employment opportunities for individuals with disabilities to set forth the action to be taken by Merit and its employees, concerning employment opportunities for qualified individuals with disabilities and to provide for implementation, self-monitoring and a measure for achievement through a comprehensive affirmative action program.

II. General Policy of Merit –Employment of Individuals with Disabilities:

Merit will not discriminate in its employment practices against applicants who have a disability. Placement will be commensurate with ability to perform assigned work. Employees with disabilities will receive the same regular compensation as those with no disabilities for like work.

III. Specific Policy – Employment:

Merit will not discriminate against any employee or applicant for employment because of disability in regard to any position for which the employee or applicant for employment is qualified. A “disability” is a physical or mental impairment that substantially limits one or more major life activities, a record of having such an impairment, or being regarded as having one even if the person does not actually have the condition. A “qualified individual with a disability” is a person with a disability who meets the skill, experience, education and other job-related requirements and who, with or without reasonable accommodation, can perform the essential functions of the job.

Merit, to ensure its commitment to equal employment opportunities for individuals with disabilities, will take affirmative action to employ, advance in employment, and otherwise treat known qualified individuals with disabilities without discrimination based upon their disability in all employment practices, including but not limited to the following: application, testing, hiring, work assignments, evaluation, promotion, transfer, disciplinary actions, recruitment or recruitment advertising, layoff/recall, termination or demotion, rates of pay or other forms of compensation, and selection for training, including apprenticeships.

Merit will provide, upon request, reasonable accommodation to employees with disabilities, if that is needed to enable them to perform their job duties. Employees may request such accommodation by contacting their immediate supervisor.

IV. Dissemination of Policy:

To ensure understanding, acceptance and support among the executives, managers, supervisors, and all other employees, and to encourage such persons to take the necessary action to assist Merit in meeting its obligations to individuals with disabilities, Merit will communicate information on its nondiscrimination policy and its affirmative action program on a periodic basis to all Merit employees through internal communication and other media. Merit will post its nondiscrimination/affirmative action policy on appropriate Merit bulletin boards.

Merit will communicate its obligation and commitment to engage in affirmative action efforts to employ qualified individuals with disabilities to all executive, managerial and supervisory personnel and will give its obligation under all applicable laws and regulations high priority at appropriate managerial, supervisory, and special employee meetings, and at all employee orientation programs. Periodically, it will be an item on the agendas of Merit’s Board, the executive officers and other managerial and supervisory meetings.

3.0 Merit will reproduce this policy in its policies section of its Web site and internally on the Merit Internal Web.

4.0 Merit publications, collateral material and Web site, employee handbooks or similar publications with pictures will include individuals with disabilities.

5.0 All Merit publications relating to employment and advertisements for employment opportunity shall include the phrase “Merit Network is an equal opportunity/affirmative action employer.” Pictures of employees used in employment advertising will include individuals with disabilities.

V. Implementation Responsibility:

A. Executive Officers

1.0 Ultimate responsibility for the implementation of this policy and Merit’s affirmative action programs rests with the Executive Officers (the President and the Vice-Presidents). Each Executive Officer is responsible for the administration of this policy and Merit’s affirmative action programs within his/her area of responsibility.
B. Directors and Managers
1.0 Each Director is responsible for authorizing expenditures for reasonable accommodations needed by employees with disabilities.
Merit is responsible for compliance with the Americans with Disabilities Act (ADA), as well as other nondiscrimination/affirmative action legislation, including the provision of funds to make reasonable accommodations for individuals with disabilities.
C. EEO Compliance Officer
1.0 The EEO Compliance Officer is responsible for directing and coordinating Merit’s affirmative action programs. He or she will provide guidance to management to:

  • Ensure that appropriate accommodations are made for qualified individuals with disabilities.

  • Identify problem areas and make specific recommendations to overcome them.

  • Review and update programs to provide assistance to applicants and employees with disabilities.
    Monitor auditing and reporting systems.

  • Provide advice, counsel and assistance on all matters regarding equal opportunity, accommodations, accessibility for individuals with disabilities.

Facilitate the gathering, consolidation, analysis and preparation of any required reports.

2.0 The EEO Compliance Officer will coordinate Merit’s programs and responsibilities to assure compliance with the ADA and other federal and state laws and regulations pertaining to individuals with disabilities. In order to carry out this responsibility the EEO Compliance Officer shall:

  • Provide information, advice and assistance to departments to enable them to meet requirements related to individuals with disabilities.

  • Develop and conduct educational materials and programs regarding the requirements of the ADA and other laws pertinent to individuals with disabilities.

  • Act as the central contact person for individuals with disabilities who allege noncompliance with the ADA.

  • Maintain liaison with governmental agencies, officials and other organizations concerned with affirmative action programs and individuals with disabilities.
D. Human Resources Manager
1.0 The Human Resources Manager is responsible for assisting the EEO Compliance Officer in fulfilling their responsibilities, and specifically in reviewing the developing policies and practices that assure careful, thorough and systematic consideration of the job qualifications of employees and applicants with disabilities.
E. Other Supervisors and Managers
1.0 Every other member of supervision and management is responsible within his/her area of responsibility for conducting activities in a manner which will ensure compliance with this policy and the affirmative action programs.

VI. Recruitment:

Merit will not discriminate in its recruitment activities against a qualified applicant because of a disability.

All recruitment sources will be advised in writing of Merit’s policy and commitment to equal employment opportunities for individuals with disabilities.

Merit will provide job postings in a variety of media, such as board postings and on line computer postings, so that information about open positions will be available to individuals with a wide range of disabilities. In addition, the EEO Compliance Officer or Human Resource Manager will provide special assistance in accessing job postings to individuals with disabilities who request it.

Merit will take positive steps to attract qualified individuals with disabilities not currently in the workforce. It will work closely with recruiting sources, such as the Ann Arbor Center for independent Living, the Michigan Employment Security Commission, Michigan Rehabilitation Services, Michigan Commission for the Blind and other vocational rehabilitation agencies or facilities, and social services organizations serving individuals with disabilities.

5.0 Merit will use the phrase, “Merit Network as an equal opportunity/affirmative action employer,” on all recruiting, employment, and advertising publications.

6.0 Merit will strengthen and develop new recruiting sources from among those specializing in and/or oriented toward individuals with disabilities and maintain contact with other appropriate social service organizations, agencies, or facilities for such purposes as advice and technical assistance.

VII. Employment and Placement:

1.0 Qualified applicants with disabilities will be considered and placed for employment on the basis of their abilities. Reasonable accommodations will be provided upon request.

2.0 Selection for employment, training, or promotion will be on the basis of valid objective criteria and the ability to do assigned work.

Merit will provide specially-monitored, subsidized temporary employment placements for appropriately qualified individuals with disabilities on Long Term Disability. Upon successful completion, these individual placements may become regular. Merit will evaluate candidates, assist departments in making necessary accommodations, and monitor the employment experiences of such individuals who have disabilities. For individuals with other types of health-related leaves, rehabilitation services are also available to assist with counseling regarding self-management of medical conditions, worksite assessments, coordination of job search efforts, and coordination of job accommodations.

Merit may allow employees with disabilities to return to work in temporary accommodated positions while their conditions stabilize, in order to permit such employees to continue in the workforce and to maximize their abilities prior to a full release for a return to work, or to reduce the length of time between an on-the-job injury and a return to work for employees who are eligible for Worker’s Compensation. However, permanent removal of an essential function of a position shall not be considered a reasonable accommodation. Executive management, directors and supervisors may authorize light duty positions, when practicable, which allow employees to continue working following an injury which has resulted in a disability.

Upon request, Merit will arrange for career counseling for employees with disabilities and for counseling
about Merit job opportunities for applicants with disabilities.

Merit will maintain in confidence, to the extent required by applicable regulations, information provided by applicants or employees who identify themselves as having a disability.

VIII. Training:

1.0 Qualified applicants with disabilities will be considered and placed for training on the basis of their abilities. Reasonable accommodations will be provided upon request.

IX. Promotions, Demotions, Layoffs, Recalls and Transfers:

1.0 Promotions, demotions, layoffs, recalls, and transfers will be consistent with an employee’s qualifications and service. Reasonable accommodation will be provided if necessary.

2.0 In some cases, transfer of an employee with a disability into a vacant Merit position for which he/she is qualified will constitute a reasonable accommodation. Reassignment may be made to a vacant Merit position which is at the same or lower pay grade as the position currently held by the employee. Whenever reassignment to a vacant Merit position is the only way in which an employee with a disability can be reasonably accommodated, the employee with a disability will be given priority for placement into that vacant Merit position.

X. Facilities and Activities:

1.0 Merit will make reasonable accommodation to the known limitations of a qualified employee or applicant with a disability. Accommodation can be provided in a variety of ways, such as eliminating architectural barriers in existing facilities and future construction, creating accessible parking, modifying job stations, altering work schedules, or restructuring a job by redistributing marginal job functions.

XI. Human Resource Policies:

1.0 Human Resource policies and practices, such as compensation and benefit programs, are the subject of periodic review to ensure that they are consistent with applicable and current legal requirements and that they are administered without regard to a qualified applicant’s or employee’s disability.

XII. Subcontractors:

1.0 All subcontractors on government contracts will be informed of Merit’s commitments under relevant state and federal laws and regulations.

XIII. Reports and Records:

1.0 Merit will maintain, for a period not less than one year, records regarding complaints and action taken.

Issued: 07/01/12
Revised:
Merit Network – Policies & Procedures
Section: EEO/Affirmative Action Policy

DOWNLOAD PDF VERSION

1.4 – Disabled and Other Protected Veterans
Purpose:

To reaffirm Merit Network’s (Merit) continuing commitment to the principles of equal employment opportunity and to delineate the steps to be taken to ensure the successful realization of its obligation under the Vietnam Era Veteran’s Readjustment Act of 1974, Merit hereby establishes this equal opportunity-affirmative action policy for qualified disabled veterans and veterans of the Vietnam era.

II. Article II

General Policy of Merit – Individuals with Disabilities

Merit will not discriminate in its employment practices against applicants who have a physical disability. Placement will be commensurate with ability to perform assigned work. Employees with disabilities will receive the same regular compensation as employees who do not have disabilities for like work.

1.0 Disabled veteran means “a veteran who served on active duty in the U.S. military ground, naval, or air service and is entitled to disability compensation (or who but for the receipt of military retired pay would be entitled to disability compensation) under laws administered by the Secretary of Veterans Affairs, or was discharged or released from active duty because of a service-connected disability.”

2.0 Veteran of the Vietnam era means “a veteran of the U.S. military, ground, naval, or air service, any part of whose service was during the period August 5, 1964 through May 7, 1975, who served on active duty for a period of more than 180 days and was discharged or released with other than a dishonorable discharge, or was discharged or released from active duty because of a service-connected disability. “Vietnam era veteran” also includes any veteran of the U.S. military, ground, naval, or air service who served in the Republic of Vietnam between February 28, 1961 and May 7, 1975.”

3.0 Recently separated veteran means “any veteran who served on active duty during the three-year period beginning on the date of such veteran’s discharge or release from active duty.”

4.0 Armed Forces Service Medal veteran means “a veteran who, while serving on active duty in the U.S. military ground, naval, or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.”

5.0 Other protected veteran means “any other veteran who served on active duty in the U.S. military ground, naval, or air service during a war or in a campaign or expedition for which a campaign badge has been authorized.”

6.0 “Disabled veteran,” “Veteran of the Vietnam era,” “recently separated veteran,” “Armed Forces Services Medal veteran” and “other protected veteran,” as defined immediately above, are referred to collectively in this policy as “covered veteran.”

III. Article III

Specific Policy:

Merit will not discriminate against any employee or applicant for employment because he or she is a covered veteran in regard to any position for which the employee or applicant for employment is qualified. Merit agrees to take affirmative action to employ, advance in employment and otherwise treat qualified covered veterans without discrimination based upon their disability or veteran’s status in all employment practices such as the following: Employment upgrading, demotion or transfer, recruitment, recruitment advertising, lay-off or termination, rates of pay or other forms of compensation and selection for training, including apprenticeship.

IV. Article IV

Dissemination of Policy:

To ensure understanding, acceptance and support among Merit’s executives, managers, supervisors and all other personnel and to encourage them to take the necessary steps to aid Merit in meeting its obligations to covered veterans, Merit will communicate information on this nondiscrimination policy and its affirmative action program on a periodic basis to all employees. Applicants for employment, as well as employees, will be informed of Merit’s commitment to increase employment opportunities for qualified covered veterans. Merit will post its non-discrimination-affirmative action policy on appropriate bulletin boards, including a statement that all employees and prospective employees are protected from coercion, intimidation, interference, discrimination or other adverse treatment, for filing a complaint or assisting in an investigation under the Vietnam Era Veteran’s Readjustment Assistance Act of 1974, as amended.

All executive, managerial and supervisory personnel will be kept informed of the Merit’s commitment and Merit will give its obligation under the Act high priority at appropriate managerial, supervisory and other special personnel meetings and employee orientation and management training programs. It will be a basic item on the agenda of, the executive officers and other managerial and supervisory meetings at least once a year and more frequently as needs dictate.
Merit will reproduce this policy in its Policies section of Merit’s Web site and on Merit’s internal iWeb.

4.0 Merit publications such as the Merit Connections newsletter to members, collateral material and Web site will publicize Merit’s affirmative action program and will feature articles on the progress, promotions and accomplishments of covered veterans.

5.0 When appropriate, vendors, subcontractors, and suppliers will be informed about Merit’s non- discrimination affirmative action program for covered veterans.

V. Article V

Implementation Responsibility:

  1. Executive Officers:
    1.0 Ultimate responsibility for the implementation of this policy and Merit’s other affirmative action programs rests with the Executive Officers (the President and Vice-Presidents).
    Each Executive Officer is responsible for the administration of this policy and Merit’s affirmative action program within his/her area of responsibility
  2. Director of Affirmative Action Programs:
    1.0 The EEO Compliance/Affirmative Action Programs Officer is responsible to the executive officers for directing and coordinating Merit’s affirmative action programs. The EEO Compliance/Affirmative Action Programs Officer is to systematize the review and update the programs and provide advice, counsel, and assistance regarding equal opportunity matters. This will include the following:

    1.1 Review of employment records to determine (a) the availability of known promotable and transferable qualified covered veterans within Merit, and (b) whether their present and potential skills are being fully utilized or developed.

    1.2 Development of techniques for effectively communicating information about Merit’s affirmative action program.

    1.3 Implement a procedure which systematically monitors the program. Monitoring will include:

    1. evaluation of recruitment techniques and sources for covered veterans;

    2. analysis of the hiring and training of known covered veterans;

    3. review of promotions and transfers of known covered veterans;

    4. identification of problem areas with specific recommendations for overcoming them.

    2.0 Additionally the EEO Compliance Officer will:

    2.1 Ensure there is a continued liaison with governmental agencies, officials and organizations of and for covered veterans.

    2.2 Keep the Merit community informed of the latest developments in the entire affirmative action area.

    2.3 Coordinate data gathering, consolidate and analyze data and prepare any required reports.

  3. EEO Compliance Officer
    1.0 The EEO Compliance Officer within his/her area of responsibility, shall review and develop personnel policies and practices that ensure careful, thorough and systematic consideration of the job qualifications of known covered veteran employees and applicants for employment.

  4. Other Managers and Supervisors
    1.0 All other members of management and supervision are responsible within each one’s area of responsibility for conducting employment activities in a manner which will ensure compliance with this policy and the affirmative action programs

VI. Article VI

Recruitment:

Merit will not discriminate against a qualified applicant for employment because he or she is a covered veteran in any of its recruitment activities.

2.0 All recruitment sources will be advised of Merit’s nondiscrimination–affirmative action policy and of its commitment to equal employment opportunities for covered veterans.

3.0 To attract qualified covered veterans, Merit will enlist the assistance and support of all recruiting sources, including the Michigan Employment Security Commission, appropriate offices of the Veteran’s Administration, college placement offices and veteran’s counselors, and local and national veteran’s groups.

4.0 Merit will make special efforts to reach covered veterans at all educational institutions from which it recruits.

5.0 Merit will continue to use the following statement: “Merit Network is an Equal Opportunity/Affirmative Action Employer” on all recruiting, employment and advertising publications job registries and other media effective in broadening the pool of covered veterans.

6.0 Merit will strengthen and develop new recruiting sources from among those specializing in the placement of and/or training of covered veterans and will establish meaningful contacts with other appropriate veteran’s organizations which service covered veterans, for such purposes as advice, technical assistance and referral of potential employees.

7.0 Search or screening committees will employ methods which will most likely result in the inclusion of qualified covered veterans in the pool of candidates.

VII. Article VII

Employment and Placement:

1.0 Qualified applicants for employment will be considered and placed without regard to their status as a covered veteran. Additionally, Merit will attempt to make a reasonable accommodation to the physical and mental limitations of a disabled veteran.

2.0 Selection for employment, training or promotions will be on the basis of valid objective criteria and free from stereotypical assumptions regarding covered veterans and their ability to perform assigned work. Only that portion of the military record, including release or discharge papers, relevant to the specific job qualifications will be considered in the placement or employment of a covered veteran.

3.0 Merit will arrange for career counseling for known covered veteran.

4.0 Merit will maintain in confidence, to the extant required by 60 250 of 41 CFR, information provided by any employees or applicants who identify themselves as covered veterans.

VIII. Article VIII

Training:

1.0 Selection for, and participation in, all Merit training programs will be, insofar as possible, without regard to an employee’s or applicant’s status as a covered veteran, and consistent with a reasonable accommodation to the physical and mental limitations of the trainee.

2.0 Merit will cooperate with appropriate offices of the Veteran’s Administration in the establishment of on-the-job training opportunities for qualified covered veterans.

IX. Article IX

Promotions, Demotions, Layoffs, Recall and Transfers:

1.0 For the purpose of promotions, demotions, layoffs, recalls and transfers, an employee’s qualifications and service will be considered without regard to his or her status as a covered veteran.

2.0 To ensure equal opportunity for promotion for covered veterans, Merit will continue to advertise the availability of all open positions on a Merit-wide basis.

X. Article X

Personnel Policies:

1.0 Personnel policies and practices, such as compensation and benefit programs, will be the subject of periodic review to ensure that they are consistent with applicable and current legal requirements and that they are administered without regard to an employee’s or applicant’s status as a covered veteran.

XII. Article XII

Subcontractors:

1.0 All subcontractors on government contracts will be informed of Merit’s commitments under the Vietnam Era Veterans Readjustment Assistance Act of 1974, Public Law 93-508, as amended.

2.0 Merit will include a non-discrimination–affirmative action clause in every subcontract or purchase order of $10,000.00 or more, according to the provisions of the Act.

XIII. Article XIII

Reports and Records:

1.0 Merit will provide such reports as may be required by the Act and will maintain, for a period of not less than one year, records regarding complaints and actions taken thereunder.

Issued: 07/01/12
Revised:
Merit Network – Policies & Procedures
Section: EEO/Affirmative Action Policy