MANUAL GUIDE: Information Resources Management CDC-8
DATE OF ISSUE: 6/7/99; UPDATED: 11/5/99
CIO CONTACTS: Information Resources Management Office, Office of General Counsel
MATERIAL SUPERSEDED: CDC Information Resources Management Memorandum, No. 94-1, E-Mail Use and Procedures, dated 2/15/94 and CDC General Memorandum, No. 89-2, Authorized Use of Government Telephone Systems for Necessary Personal Use, dated 2/10/89

Employee Use of CDC Information Technology Resources

Sections: I. Purpose
II. Background
III. Policy
IV. Authority
V. Procedures
VI. References
Exhibit: Authorization for Single Instance - Access to Employee Information Resources


The purpose of this issuance is to establish the policy for employee use of Information Technology (IT) resources at the Centers for Disease Control and Prevention (CDC).1 This policy applies to all CDC IT resources regardless of location (i.e. office, home, field locations, etc.).


The mission of CDC requires its employees to have access to electronic mail (e-mail), Intranet, Internet and other IT resources (such as the CDC local area network, voice mail, telephones, faxes, pagers, copy machines, etc.) to support the conduct of official programmatic and administrative duties. Use of these systems of communication is intended for official purposes. However, CDC employees may use CDC IT resources for limited personal use under certain circumstances.


Employees are permitted limited use of e-mail, Intranet, Internet and other IT resources (e.g., voice mail, telephones, faxes, pagers, and copy/print machines) for personal needs if the use is incidental, involves minimal additional expense to the government, is performed on the employee's personal time, does not interfere with the mission or operations of the agency, and does not violate federal laws or the following provisions of this policy.

Employees are also permitted use of these resources for personal needs during duty hours, insofar as such use is for professional enhancement related to the mission of CDC.


Generally, employees may use government equipment for official purposes only, or as authorized by the government. As set forth in this policy, incidental personal use of CDC IT resources by employees during personal time is considered to be an "authorized use" of government property as that term is used in the Standards of Ethical Conduct for Employees of the Executive Branch.


1. Prohibited Uses

Use of CDC IT systems and resources are subject to federal laws and regulations governing such, including, but not limited to:

With respect to these laws and regulations, prohibited uses include:

2. Other Prohibited Uses

Employees, including managers and supervisors, shall avoid any use of CDC IT resources and systems that demeans other employees, groups, individuals, and organizations, or causes unnecessary costs, congestion, delay, or disruption of service to any government systems or equipment, including:

3. Privacy Expectation

Executive Branch employees, including CDC employees, do not have a right to nor expectation of privacy while using any government equipment at any time, including: accessing the Internet (e.g., participating in a "chat" room or forum), using e-mail, or during authorized personal use. To the extent that employees prefer their personal information resources to remain free of access by supervisors and managers they should avoid use of CDC IT resources and systems.

Except in the legitimate performance of their duties, CDC policy prohibits system administrators, agency officials, and supervisors from violating or overriding the privacy of an employee with respect to the information that the employee receives, stores, or transmits. Nevertheless, due to technical, administrative, or legal reasons, system administrators, agency officials, and/or supervisors may be authorized to access information, files, materials and messages which reside in hardware or software used by employees. Authorizations must be documented and made available to employees as soon as possible after authorized access occurs; and their acknowledgment of the event noted on the Authorization for Single Instance Access to Employee Information Resources form found as an exhibit to this policy.

4. Monitoring, Compliance, and Disciplinary Action

CDC has the capability and the authority to evaluate the performance and use of its IT resources and will routinely monitor their use. Individuals who abuse these resources, knowingly interfere with the operation of IT systems, or otherwise fail to comply with the provisions of this policy are subject to disciplinary action, including loss of associated privileges.

A. 5 CFR 2635, Section 101, Basic Obligation of Public Service,
Section 704, Use of Government Property,
Section 705, Use of Official Time.


B. 17 USC, COPYRIGHTS, Sections 106-110, Exclusive Rights and Limitations.

C. 18 USC 1913, Lobbying With Appropriated Moneys.

D. 45 CFR 5, Freedom of Information Regulations.

E. 45 CFR 5b, Privacy Act Regulations.

F. 41 CFR 101-35.201, Telecommunications Management Policy, Authorized Use of Long Distance Telephone Services.

G. CDC Printing Management Manual Guide CDC-1, Reproduction of Copyrighted Materials, 12/10/97.

H. OMB Circular A-130, Appendix III, Security Of Federal Automated Information Resources.

1 References to CDC also apply to ATSDR.

Originally Posted at: