Students

Secure Web Application Development, Information Technology

Posted on June 21, 2012April 3, 2025 by Brandon Murray

Title:	Secure Web Application Development, Information Technology
Policy Owner:	Information Security Office
Applies to:	Students, Employees, Users
Campus Applicability:	Storrs and Regionals
Effective Date:	May 16, 2012
For More Information, Contact	Chief Information Security Officer
Contact Information:	(860) 486-8255
Official Website:	https://security.uconn.edu/

Departments will ensure that development, test, and production environments are separated. Confidential Data must not be used in the development or test environments.

Production application code shall not be modified directly without following an emergency protocol that is developed by the department, approved by the Data Steward, and includes post-emergency testing procedures.

Web servers that host multiple sites may not contain Confidential Data.

All test data and accounts shall be removed prior to systems becoming active in production.

The use of industry-standard encryption for data in transit is required for applications that process, store, or transmit Confidential Data.

Authentication must always be done over encrypted connections. University enterprise Central Authentication Service (CAS), Shibboleth, or Active Directory services must perform authentication for all applications that process, store, or transmit Confidential or Protected Data.

Change sentence to “Web application and transaction logging for applications that process, store, or transmit Confidential Data or Regulated Data must submit system-generated logs to the ITS Information Security Office. For more information please view UConn’s Logging Standard.

Departments implementing applications must retain records of security testing performed in accordance with this policy.

Policy Created: May 16, 2012

Security Awareness Training Policy, Information Technology

Posted on June 21, 2012March 17, 2026 by Brandon Murray

Title:	Security Awareness Training Policy, Information Technology
Policy Owner:	Information Technology Services / Chief Information Security Officer
Applies to:	University Workforce Members
Campus Applicability:	All UConn Campuses, except UConn Health
Approval Date:	March 4, 2026
Effective Date:	March 9, 2026
For More Information, Contact:	UConn Information Security Office
Contact Information:	techsupport@uconn.edu or security@uconn.edu
Official Website:	https://security.uconn.edu

PURPOSE

The Information Security Office (ISO) maintains an active Security Awareness Training program available to all faculty, staff, and student employees. This policy establishes the authority of the ISO to mandate Security Awareness training as needed and outlines the expectations for individuals and departments in assisting with ensuring the confidentiality, integrity, and availability of university systems, services, and data.

APPLIES TO

This policy applies to all University workforce members who regularly interact with or have access to confidential or protected information within the university.

DEFINITIONS

Confidential Data: Institutional information protected by law, government regulations, statutes, industry regulations, contractual obligations, or specific university policies. Examples of confidential data may include Personally Identifiable Information (PII), Protected Health Information (PHI), Educational Records (FERPA), Credit Card Information (PCI-DSS). An extended list of Confidential Data can be found in Appendix A of the Data Classification Policy.

Protected Data: Institutional information that must be guarded due to proprietary, ethical, privacy, or business process considerations. By default, most administrative data will fall into this classification or if data is not confidential or public.

POLICY STATEMENT

While the Information Security Office maintains an active information security program, faculty and staff members’ knowledge of the threats and risks to the University’s systems and data is a critical component in helping to defend the University from attack.

The ISO maintains an Information Security Awareness program that supports University employees’ and students’ needs for regular training. Training on important information security topics is available or communicated in multiple ways including:

Online training systems with a variety of topics relevant to Information Security.
Communications to targeted groups of ongoing or imminent threats
Postings on various web-based systems across the university.
Availability of ISO staff for in-person discussions on information security.

As part of their ongoing operations and employee development, all academic and administrative departments must identify opportunities to engage faculty, staff, and student employees in Security Awareness training. These opportunities may include those offerings from the ISO or a tailored program for specific threats against departments or systems, which may also be included in procedural manuals or scheduled as group training opportunities.

The ISO is authorized to mandate Security Awareness training. In some areas, Security Awareness training may be mandatory based on federal or industry regulations. Training for these programs must be coordinated with the ISO to ensure regulatory requirements are met.

ENFORCEMENT

Failure to comply with mandatory Security Awareness training, or to coordinate training with the ISO, may result in appropriate disciplinary measures in accordance with University By-Laws, General Rules of Conduct for All University Employees, applicable collective bargaining agreements, and the University of Connecticut Student Code.

PROCEDURES/FORMS

Questions about this policy or suspected violations may be reported to any of the following:

Office of University Compliance – https://compliance.uconn.edu (860-486-2530)

Information Technology Services Tech Support – https://techsupport.uconn.edu (860-486-4357)

Information Security Office – https://security.uconn.edu

REFERENCES

Compliance Training Policy
Data Classification Policy

POLICY HISTORY

Policy created: May 16, 2012

Revisions:
August 30, 2021 (Approved by the President’s Senior Team)
March 4, 2026 (Approved by the Senior Policy Council and President)

Risk Management, Information Technology

Posted on June 21, 2012March 10, 2026 by Brandon Murray

Title:	Risk Management, Information Technology
Policy Owner:	Information Technology Services / Chief Information Security Officer
Applies to:	System Owners and IT Professionals
Campus Applicability:	All UConn Campuses, except UConn Health
Approval Date:	February 20, 2026
Effective Date:	March 9, 2026
For More Information, Contact:	UConn Information Security Office
Contact Information:	techsupport@uconn.edu or security@uconn.edu
Official Website:	https://security.uconn.edu

PURPOSE

As technology and its capabilities change our environment, threats against these technologies also evolve. To provide the highest level of protection for the University, department and system owners are responsible for regular assessments of risks to their technology platforms. The Information Security Office is responsible for overseeing the evaluation of IT risks across the organization.

APPLIES TO

This policy applies to all System Owners, from University departments and schools/colleges, and IT Professionals.

DEFINITIONS

Risk Assessment: Part of the ongoing risk management process that assigns relative priorities for mitigation plans and implementation.

Risk Assessment Tool: Risk assessment tools are available to department and school/college system owners and IT professionals to collect information about systems, services, and data that will inform efforts to continuously strengthen UConn’s information security.

System Owner: The individual – such as a faculty member, department head, manager, or other employee – who is responsible for the planning and operation of the service. All systems have a designated system owner.

IT Professional: An individual (staff) who is trained and skilled in using technology to solve business problems coupled with assigned job duties in support of technology at the university. This must be a defined responsibility within the position job description and may not fall under “other duties as assigned.” Appropriate training, support, and budget must also be available in support of the IT Professional role.

POLICY STATEMENT

The Information Security Office (ISO) is authorized to administer the University’s risk management process, which includes the delegation of responsibility for ensuring that information systems are assessed for risk.

Due to the size and complexity of the UConn environment, each department and system owner is responsible for conducting a regular and ongoing risk assessment of the Information Technologies they are responsible for overseeing.

In conducting a risk assessment, departments/individuals should evaluate risks to Information Technology based on a People, Process, Technology (PPT) methodology. Using this methodology and leveraging ISO policies, including the Acceptable Use Policy, Data Classification Policy, Data Roles and Responsibilities Policy, Security Awareness Training Policy and System and Application Security Policy (available at https://security.uconn.edu), departments must evaluate opportunities to reduce risk to the confidentiality, integrity, and availability of information technology assets.

Some University organizations will be required to do regular risk assessments as a regulatory or industry requirement. This policy does not reduce or relieve the responsibility of System Owners to complete regulatory and industry‑required assessments.

ENFORCEMENT

Violations of this policy and any related procedures may result in appropriate disciplinary measures in accordance with University By-Laws, General Rules of Conduct for All University Employees, applicable collective bargaining agreements, and the University of Connecticut Student Code.

PROCEDURES/FORMS

Questions about this policy or suspected violations may be reported to any of the following:

Office of University Compliance – https://compliance.uconn.edu (860-486-2530)

Information Technology Services Tech Support – https://techsupport.uconn.edu (860-486-4357)

Information Security Office – https://security.uconn.edu

POLICY HISTORY

Policy created: May 12, 2016

Revisions:
August 30, 2021 (Approved by the President’s Senior Team)
February 20, 2026 (Approved by the Senior Policy Council)

Data Classification Policy

Posted on June 21, 2012March 11, 2024 by Brandon Murray

Title:	Data Classification Policy
Policy Owner:	Information Technology Services / Chief Information Security Officer
Applies to:	All students, faculty, staff, volunteers, and contractors
Campus Applicability:	All Campuses except UConn Health
Effective Date:	August 30, 2021
For More Information, Contact	UConn Information Security Office
Contact Information:	techsupport@uconn.edu or security@uconn.edu
Official Website:	https://security.uconn.edu/

PURPOSE

This policy defines the classifications of institutional data (i.e., the categories of data that the University is responsible for safeguarding) and the associated measures that are necessary to safeguard each classification. Institutional data commonly exists in many forms, including electronic, magnetic, optical, and traditional paper documents. Common types of electronic data include email messages, spreadsheets, word processing documents, PDF reports, and university managed databases and file storage systems.

APPLIES TO

This policy applies to all University faculty, staff, students, student employees, volunteers, and contractors who have access to protected or confidential information. This policy covers data that is stored, accessed, or transmitted in all formats, including electronic, magnetic, optical, paper, or other non-digital formats.

DEFINITIONS

Cloud: Any environment not operated by UConn. This includes cloud-based services that provide basic infrastructure including operating system and storage or services that provide a full software stack for an intended purpose or platform offering multiple services.

Public Data: Institutional information that may or must be freely available to the general public. Such information has no local, national, international, or contractual restrictions on access or usage.

POLICY STATEMENT

Through the normal course of business, many individuals at the University of Connecticut collect, maintain, transmit, and/or have access to personal information, financial data, and other information which is protected or confidential in nature. The protection of some types of data is governed by industry or governmental regulations. While other types of information may not be covered by specific legal requirements, it is in the University of Connecticut’s best interest to take steps to safeguard all university information reasonably and responsibly.

Except for those classes of data expressly protected by statute, contract, or industry regulation, the data classification examples presented in this policy are guidelines. Ultimate responsibility for the classification in the university environment is determined by the Data Steward, as defined in the University’s Data Roles and Responsibilities Policy, and the Office of General Counsel for any given set of data.

Data Protection

The University of Connecticut has established the following requirements and guidelines in order to protect each classification of data.

Public Data

While there are few restrictions on public data, such data should be properly secured to prevent unauthorized modification, unintended use, or inadvertent/improper distribution. It should be understood that any information that is widely disseminated within the university community is potentially available to the public at large.

The following guidelines are for information systems that are used to store and share the University’s public data.

When practical, public data should only be shared via systems over which the University maintains full administrative control, which includes the ability to remove or modify the data in question.
Information systems, such as web servers or cloud services that are used to share public data, must be properly secured to prevent the unauthorized modification of published public data.
Interactive access to databases containing public data, such as online directories or library catalogs, should be properly secured using query rate limiting, CAPTCHA’s or similar technology to impede bulk downloads of entire collections.

Protected Data

Protected data requires additional levels of protection because its unauthorized disclosure, alteration, or destruction could cause damage to the University or its constituents.

In addition to the requirements outlined for public data, protected data must also meet these requirements:

If stored in the cloud, stored only on cloud-based information systems managed or contracted by the University.

Protected through the use of authenticated access in order to prevent loss, theft, or unauthorized access, disclosure or modification.
Printed sensitive data including reports must be stored in a secure manner (file cabinet, closed office, or department where electronic/physical access control systems are in place) when not in use.

Confidential Data

Confidential data (see Appendix A) requires the highest level of protection due to the risk and magnitude of loss or harm that could result from disclosure, alteration, or destruction of the data. Certain types of information, such as health information, may have additional requirements for protection. Wherever possible, confidential information should remain in source systems and not propagated through saved files, spreadsheets, or other file formats. Whenever storage of confidential data is required outside the source system, it should be limited to the minimum amount, and for the minimum time, required to perform the business function, or as required by law and/or State of Connecticut Data Retention requirements.

In addition to the requirements for protected data, confidential data must be:

Protected with strong passwords and should leverage Multi-Factor Authentication whenever such capabilities exist.
Stored on devices that have appropriate protection, monitoring and encryption measures in order to protect against theft, unauthorized access and unauthorized disclosure.
Transmitted using approved encryption methods.
Accessed via approved remote access services such as VPN when accessed remotely.
Stored on university-owned devices. Confidential data is not permitted to be stored on any personally owned devices including mobile phones, laptops, or home computers.
Stored, if printed material, only in a locked drawer; a locked room; an area where access is controlled by a guard, cipher lock, and/or card reader; or an area that has sufficient physical access control measures to afford adequate protection and prevent unauthorized access by members of the public, visitors, or other individuals not on a need-to-know basis.

The University’s Confidential Data may not be accessed, transmitted, or stored using public computers or via email.

Encryption

To maintain its confidentiality, all data shall be encrypted while in transit across communication networks or when stored. Stored data may only be encrypted using current encryption methodologies. To ensure that data is available when needed, each department or user of encrypted University data will ensure that encryption keys are adequately protected and that procedures are in place to allow data to be recovered by another authorized University employee. In employing encryption as a privacy tool, users must be aware of, and are expected to comply with, Federal Export Control Regulations.

Service Providers

Departments shall take steps to ensure that third-party service providers understand the University’s Data Classification Policy and protection of the University’s Data. No user may give a third-party access to the University’s Protected or Confidential Data or to systems that store or process Protected or Confidential Data without permission from the Data Steward and a standard Confidentiality Agreement from University Procurement in place.

Disposal

Systems administrators will ensure that all data stored on electronic media is properly destroyed or wiped to current Department of Defense Data Wipe standards prior to the disposal or transfer of the equipment. 

Confidential Data maintained in hard copy form will be properly disposed of when no longer required for business or legal purposes.

ENFORCEMENT

Violations of this policy may result in appropriate disciplinary measures in accordance with University By-Laws, General Rules of Conduct for All University Employees, applicable collective bargaining agreements, and the Student Code.

Questions about this policy or suspected violations may be reported to any of the following:

Office of University Compliance – https://compliance.uconn.edu (860-486-2530)

Information Technology Services Tech Support – https://techsupport.uconn.edu (860-486-4357)

Information Security Office – https://security.uconn.edu

REFERENCES

Data Roles and Responsibilities, Policy On

POLICY HISTORY

Policy created: May 16, 2012

Revisions: August 30, 2021

Data Roles and Responsibilities Policy

Posted on June 21, 2012September 9, 2021 by Brandon Murray

Title:	Data Roles and Responsibilities Policy, Information Technology
Policy Owner:	Information Technology Services / Chief Information Security Officer
Applies to:	All students, faculty, and staff
Campus Applicability:	All campuses except UConn Health
Effective Date:	August 30, 2021
For More Information, Contact	UConn Information Security Office
Contact Information:	techsupport@uconn.edu or security@uconn.edu
Official Website:	https://security.uconn.edu/

PURPOSE

To define the responsibilities of individuals within the organization in protecting the University of Connecticut’s data assets.

APPLIES TO

This policy applies to all University faculty, staff, students, student employees, volunteers, and contractors who have access to or have been assigned one of the roles defined in this policy.

POLICY STATEMENT

Through the normal course of operations of the University, ever increasing amounts of data are created, processed, modified, and eventually disposed of as part of daily activities. To ensure the proper management of the various data sets, the University has defined the following roles and responsibilities to ensure data is properly protected, used, and managed throughout its lifecycle.

Data Stewards are employees of the university responsible for the overall use and proper handling of administrative, academic, public engagement, or research data. Data Stewards must classify data according to the University’s Data Classification Policy. Data Stewards ensure that appropriate steps are taken to protect data and implement policies and agreements that define appropriate use of data.

The Data Steward or their designated representatives are responsible for:

Ensuring the information they are responsible for is accurate
Authorizing the specific use of information across the organization
Working with other Data Stewards to resolve conflicting data issues
Specify appropriate controls, based on data classification, to protect the data from unauthorized modification, deletion, or disclosure
Ensuring access rights are evaluated on a regular basis

Data Administrators are usually system administrators who are responsible for applying appropriate controls to data based on its classification level and required protection level. Data Administrators are also responsible for securely processing, storing, and recovering data. The Data Administrator is accountable for:

Implementing the appropriate controls specified by the Data Stewards
Removing access rights to specific data resources due to a job change or separation from the University
Implementing the appropriate monitoring techniques and procedures for detecting, reporting, and investigating incidents
Assisting Data Stewards in evaluating the overall effectiveness of controls and monitoring

Data Users are individuals who receive authorization from the Data Steward/Administrator to access, enter, or update information. Data Users must use the resource only for the purpose specified by the Data Steward, complying with controls established by the Steward, and preventing disclosure or confidential or protected information.

ENFORCEMENT

Failure to properly fulfill the roles and responsibilities articulated in this policy may result in appropriate disciplinary measures in accordance with University By-Laws, General Rules of Conduct for All University Employees, applicable collective bargaining agreements, and the Student Code.

Questions about this policy or suspected violations may be reported to any of the following:

Office of University Compliance – https://compliance.uconn.edu (860-486-2530)

Information Technology Services Tech Support – https://techsupport.uconn.edu (860-486-4357)

Information Security Office – https://security.uconn.edu

POLICY HISTORY

Policy created: May 16, 2012

Revisions: August 30, 2021 [Approved by President’s Senior Team]

Acceptable Use, Information Technology

Posted on June 21, 2012March 10, 2026 by Brandon Murray

Title:	Acceptable Use, Information Technology
Policy Owner:	Information Technology Services/Chief Information Security Officer
Applies to:	All University Information Technology Users
Campus Applicability:	All Campuses, except UConn Health
Approval Date:	March 4, 2026
Effective Date:	March 9, 2026
For More Information, Contact:	UConn Information Security Office
Contact Information:	techsupport@uconn.edu or security@uconn.edu
Official Website:	https://security.uconn.edu/

BACKGROUND

The University’s Information Technology (IT) Resources support the academic, research and administrative needs of the University’s constituents, including students, faculty, staff, and guests. These resources must be used in a responsible manner consistent with Federal and State laws and University policies.

PURPOSE

To define expectations of appropriate use and inform all users of IT Resources at UConn of their obligation to comply with all existing laws and institutional policies in their use of these resources.

APPLIES TO

This policy applies to all constituents (students, faculty, staff, affiliates and guests) who use UConn’s IT Resources, including but not limited to wired and wireless networks, computer-based systems and services, printers/copiers, and cloud-based services.

DEFINITIONS

Access Point (AP): A networking hardware device that allows other Wireless (Wi-Fi) devices to connect to the University network.

Information Technology (IT) Resources: Include but are not limited to:

Systems and equipment such as computers, hard drives, printers, scanners, video and audio recorders, cameras, photocopiers and other related devices.
Software such as computer software, including open-source and purchased software, and all cloud-based software including infrastructure-based cloud computing and software as a service.
Networks such as all voice, video, and data systems, including both wired and wireless network access across the institution.

Internet of Things (IoT): Devices that communicate across a network without direct human interaction. These include but are not limited to smart assistants, lightbulbs, appliances, and televisions.

Software: Includes but is not limited to any electronic program, data file, subscription to an electronic service, or operating system necessary to conduct business on an electronic device.

POLICY STATEMENT

The appropriate use of IT Resources focuses on three primary areas including: (1) the fair and equitable use of limited resources by all constituents; (2) individual responsibilities in the use of UConn IT Resources; and (3) the appropriate use of IT Resources in compliance with all applicable federal and state laws, university rules, regulations and policies.

All activities involving the use of IT Resources are not personal or private; therefore, users should have no expectation of privacy in the use of these resources. Information stored, created, sent or received via UConn systems, including cloud-based systems, may be accessible when required by law, including requests made under the Freedom of Information Act (FOIA), the Family Educational Rights and Privacy Act (FERPA), subpoena, or other legal process, statute, or regulation.

ACCEPTABLE USE

UConn provides IT Resources to enable faculty, students, and staff to accomplish their university-related work and support the University’s mission. University equipment is to be used primarily in support of the University’s mission and may not be used to conduct commercial activities or any activity prohibited by state and federal law or University policy.
IT Resources, including third-party cloud services, may not be used for the illegal download, copying, or distribution of copyright materials without the copyright owner’s permission or where not permitted by fair use standards under the TEACH Act.
Actions that negatively impact the ability of the University to operate or cause undue stress on IT Resources are prohibited. These actions include but are not limited to interfering with the legitimate use of IT Resources by others, introducing additional software or devices to any IT Resource without appropriate authorization, or the mass mailing of unapproved email or other electronic communication.
Do not intentionally seek or provide information or access to IT Resources to which one is not authorized, nor assist others in doing so. Do not attempt to subvert or circumvent University systems’ security measures nor use University IT Resources to subvert or circumvent other systems’ security measures for any purpose.
Do not publish, post, transmit or otherwise make available content that is in violation of law or policy. The University cannot protect individuals against the existence or receipt of material that may be offensive to them. As such, those who make use of electronic communications are warned they may come across or be recipients of material they find offensive or objectionable.
Do not violate the privacy of other individuals. This includes viewing, monitoring, copying, altering, or destroying any file, data, transmission or communication unless you have been given explicit permission by the owner.
Do not forge, maliciously disguise or misrepresent your personal identity. This policy does not prohibit users from engaging in anonymous communications, providing that such communications do not otherwise violate the Acceptable Use Policy.
University technology resources may not be used by employees of the University for partisan political purposes or presenting the impression the University has a particular political position except for those individuals authorized by the University as part of their formal responsibilities.

SOFTWARE

Use of software on university owned assets must comply with all applicable laws, regulations, and license requirements.
The University shall procure software licenses for all programs necessary to meet its needs in accordance with copyright law. The use of University licensed software is restricted to conducting University business including uses necessary to support the academic mission.
Only authorized software shall be installed or used on university owned assets. The use of unlicensed software copies (software used in violation of the software license), personally licensed software, and unauthorized open source or shareware software is prohibited.
Use of university IT Resources to make software copies in violation of a licensing agreement is prohibited.
Users of university license agreements shall cooperate and comply with the University Software Librarian, the Information Security Office, the Office of Compliance, and the Controller’s Office regarding the inventory or audit of software assets and any licensing disputes.
Use of software that may cause harm to the University or its systems is prohibited. By way of example, prohibited software includes but is not limited to: malware, viruses, worms, trojans, pirated software, cracked software, packed software, potentially unwanted programs (PUP), software obtained from secondary or non-legitimate sources, software intended or used for offensive hacking (without appropriate approval and containment controls), or any other software which by its use or design may cause harm to University services and systems.

INDIVIDUAL RESPONSIBILITIES

Protect your data and the institution’s data
Do not share your password, multi-factor authentication, or any other form of security credential with ANYONE or allow anyone else to use your account(s).
Do not use anyone else’s account.
Be vigilant in identifying and reporting various types of phishing attacks to gain access to your information. Store confidential and/or sensitive University data on appropriate University approved services only.
All university owned and personal devices connecting to the University network (including tablets, cell phones and IoT devices) must be kept up-to-date with current operating system and software patches, and employ automatically updating security measures including but not limited to anti-virus and anti-malware.
Do not utilize UConn computing resources, including personally owned computers connected to UConn’s network for non-University related commercial activity.
Users who permit others to connect to a computer acting as a server have the additional responsibility to respond to any use of their server that is in violation of the Acceptable Use Policy. Administrators of IT Resources and those who permit the use of computers by others are responsible for the security of their systems and the actions of others on their systems.

ENFORCEMENT

Individual or system access may be revoked at any time based on the decision of the Chief Information Security Officer or the Chief Information Officer to protect the confidentiality, integrity, and/or availability of UConn IT Resources.

PROCEDURES/FORMS

Questions about this policy or suspected violations may be reported to any of the following:

Office of University Compliance – https://compliance.uconn.edu (860-486-2530)

Information Technology Services Tech Support – https://techsupport.uconn.edu (860-486-4357)

Information Security Office – https://security.uconn.edu

POLICY HISTORY

Policy created: May 16, 2012

Revisions:
August 24, 2015
August 30, 2021 (Approved by President’s Senior Team)
March 4, 2026 (Approved by the Senior Policy Council and President)

Space Heaters in University Buildings

Posted on January 11, 2012January 1, 2025 by Quiles, Anida

Title:	Space Heaters in University Buildings
Policy Owner:	UConn Fire Marshal and Building Inspector
Applies to:	University Workforce Members and Students
Campus Applicability:	All UConn Campuses except UConn Health
Approval Date:	December 24, 2024
Effective Date:	January 1, 2025
For More Information, Contact:	UConn Fire Marshal
Contact Information:	firemarshal@uconn.edu
Official Website:	https://firemarshal.universitysafety.uconn.edu/

PURPOSE

To protect employees, students, and visitors from fire, electrical, and other safety risks associated with space heaters. The policy is designed to comply with the Connecticut State Fire Prevention & Building Codes, regulations from the Connecticut Department of Public Health, and the Connecticut Occupational Safety and Health Administration.

APPLIES TO

This policy applies to University workforce members and students using space heaters in University-Property at the Storrs and Regional Campuses, extension centers, and the UConn School of Law.

DEFINITIONS

University Property: Any building, space, or area under the control of or leased by the University of Connecticut.

POLICY STATEMENT

The University of Connecticut is committed to providing a safe and healthful environment.

Improper usage of space heaters poses serious fire and safety risks to the UConn community. Space heaters must be selected from the UConn Fire Department/Fire Marshal Unit (FD/FMU) list of approved models and used only under conditions outlined in this policy. Unapproved or non-electric space heaters are strictly prohibited.

All space heaters require a permit for use. Space heaters are only permitted under the following conditions:

When heating systems fail within an occupied space.
To supplement existing heating systems for employee comfort, in spaces that are not restricted.
When temporary heating is required in unheated spaces.

In residential occupancies, space heaters may only be used temporarily, with restrictions on the duration of use, and must have a permit issued by the FD/FMU prior to use. Space heaters are prohibited in laboratories, workshops, art studios, storage areas, or any space where chemicals or combustible materials are present, as well as any space not actively occupied by people. In limited cases, space heaters may be allowed in laboratory offices if the UConn FD/FMU grants permission.

The UConn FD/FMU reserves the right to inspect and remove any space heater that is used inappropriately or presents a danger to life or property.

ENFORCEMENT

Violations of this policy or associated procedures may result in appropriate disciplinary measures in accordance with University By-Laws, General Rules of Conduct for All University Employees, applicable collective bargaining agreements, and the University of Connecticut Student Code.

PROCEDURES

The following procedures to request a space heater must be followed:

Contact Facilities Operations to submit a work order to evaluate and adjust the temperatures in the affected area. Facilities Operations will determine whether repairs to the heating system can resolve the issue.
If Facilities Operations cannot resolve the heating issue, the affected individual must contact the UConn FD/FMU.
The UConn FD/FMU, in coordination with Facilities Operations as necessary, will determine whether the proposed location and electrical circuit can accommodate a space heater.
If the proposed location is approved, the UConn FD/FMU will issue a permit and provide a list of approved space heaters to the affected individual(s). Other space heaters that have not been approved by the UConn FD/FMU must be taken out of service and be removed from the building.
If the proposed location is not approved for a space heater (e.g., the proposed location is in a laboratory, the electrical circuit is inadequate, etc.), additional options will be evaluated.

Upon approval and receipt of a permit by the UConn FD/FMU, individuals must comply with the following procedures while using space heaters:

Read and follow the manufacturer’s operating instructions before using a space heater.
Inspect the space heater for dust before each use and clean if necessary.
Inspect the electrical cord and plug outlet for damage before each use. Remove the space heater from service if any damage to the cord or other parts are found.
Never leave a space heater operating unattended. Always turn off the device and unplug it when the area is vacant or when going to bed.
Plug space heaters into an electrical circuit that is rated for 15 amps or more to prevent overloading.
Always plug space heaters directly into a permanent wall outlet (receptacle). Do not use an extension cord or power strip.
1. Exception: Radiant panel heaters may be used with extension cords or power strips rated for 15 amps or more, if approved by the UConn FD/FMU.
Never run an electrical cord for a space heater under a carpet or floor mat.
Do not place space heaters under desks or in enclosed spaces.
Ensure space heaters are placed on a stable level surface to prevent tipping, unless otherwise specified by the manufacturer.
Never use a space heater where flammable materials or vapors are present.
Do not place a space heater near combustible materials such as papers, fabric, plastics, or furniture.
Do not use space heaters in or near wet areas.
Keep space heaters out of high traffic areas. Never block an exit.
Maintain the manufacturer’s recommended clearance around the space heater for safe operation.
Avoid placing space heaters near room thermostats.
Inspect space heaters at least annually and have them repaired, as needed, by a qualified electrician.
Discard any space heater that cannot be repaired, and, while unplugged, cut off the plug to prevent inadvertent use by others.

If space heaters are deemed unsafe and removed from service, they will be relocated to a designated storage area for owners to retrieve and remove from University property.

Department-owned space heaters may be removed through Surplus Operations.

POLICY HISTORY

Revisions:
01/24/2004
09/28/2011
02/06/2012
12/24/2024

University of Connecticut Age Act Committee: Policy and Procedures

Posted on December 9, 2011December 18, 2025 by Fearney, Kimberly

Title:	University of Connecticut Age Act Committee: Policy and Procedures
Policy Owner:	University of Connecticut Age Act Committee
Applies to:	Students, Faculty, Staff, Graduate Assistants
Campus Applicability:	Storrs and Regional Campuses
Effective Date:	November 1, 2019
For More Information, Contact	Office for Inclusion and Civil Rights
Contact Information:	(860) 486-2943
Official Website:	https://www.equity.uconn.edu

Click here to view a PDF, Printer Friendly copy of this policy.

University of Connecticut Age Act Committee: Policy and Procedures

I. Purpose and Scope: The University of Connecticut has established an “Age Act Committee” to evaluate a student’s request for access to or participation in any University program when that student’s age may impair the University program’s ability to meet its objectives as carried out under its normal operation. This document sets forth the operational framework for that Committee. These Policy and Procedures apply to all programs, services and activities that fall under the purview of the University of Connecticut at the Storrs and Regional campuses.

II. Definitions:
A. “The Age Act” means The Age Discrimination Act of 1975, codified at 42 U.S.C. §6101, et seq. along with its implementing regulations, found at 34 C.F.R. §110, et seq.
B. “The Age Act Coordinator” means the University Official responsible for overseeing compliance with the Age Act and for investigating allegations of age discrimination. The University’s Age Act Coordinator is:

Sarah Chipman
Director of Civil Rights Compliance
ADA, Title VI, and Title IX Coordinator
Storrs: Wood Hall, First Floor
UConn Health: Munson Road, Third Floor
sarah.chipman@uconn.edu
(860) 486-2943

C. “The Age Act Committee Submission Form” is the form to be used by University Officials to submit a concern about a student’s access to or participation in any University program or activity based on that student’s age.
D. “The Committee” means the Age Act Committee, as designated by the Office of the Provost.
E. “Age Act Committee Chair” means a member of the Committee designated by the Provost as Chair.
F. “Normal Operation” means the operation of a program or activity without significant changes that would impair its ability to meet its objectives.
G. “Student(s)” means a student admitted by or enrolled at the University of Connecticut, as defined in UConn’s Responsibilities of Community Life: The Student Code.
H. “University” means the University of Connecticut.
I. “University Official” means any person employed by the University of Connecticut in an administrative, supervisory, academic, research or outreach, or support staff position (including law enforcement unit personnel and health staff).

III. Policy Statement: The University By-Laws provide, in pertinent part, that “No organization or group shall discriminate against or exclude a person because of race, religion, national origin or other protected class recognized by state or federal antidiscrimination laws, on that land owned or operated by the University of Connecticut…”. By-Laws of the University of Connecticut, Article XV, § A. Similarly, in accordance with the provisions of the Age Discrimination Act and other Federal and State laws and executive orders pertaining to civil rights, the University prohibits discrimination on the basis of age (see Policy Against Discrimination, Harassment and Related Interpersonal Violence).

This policy is intended to provide the same protection against discrimination afforded under the parallel anti-discrimination laws. Therefore, analysis of a student’s age discrimination claim under them thus mirrors the analysis of a claim under the Age Discrimination Act of 1975, 42 U.S.C. §§ 6101-6107, and its corresponding regulations, 34 C.F.R., Part 110. Subject to certain limited exceptions, the Age Discrimination Act mandates that “no person in the United States shall, on the basis of age, be excluded from participation in, be denied the benefits of, or be subjected to discrimination under, any program or activity receiving [f]ederal financial assistance.” 42 U.S.C. § 6102. Exceptions to the Age Act’s general prohibition against age discrimination include: a) age distinctions contained in federal, state or local statute or ordinances (34 C.F.R. § 110.2); b) reasonable actions “based on a factor other than age” (34 C.F.R. § 110.13); and c) actions that reasonably take into account age as a factor necessary to the normal operation or the achievement of any statutory objective of such program or activity (34 C.F.R. 110.12).

Charged by the Office of the Provost, the Age Act Committee is responsible for addressing concerns about students’ access to or participation in any University program, service or activity based on age.

IV. Age Act Committee Procedures
A. Establishment of Committee:
i. Members of the Age Act Committee, including its chairs, shall be designated by the Office of the Provost and serve three (3) year terms. Members may be reappointed upon the end of their term.
ii. The Committee shall include one representative from each of the following units: Division of Enrollment Management, Honors Program, Division of Student Affairs, and Office for Inclusion and Civil Rights (OICR) as well as a member of the faculty with expertise in human development or a related field. Members from additional offices may be appointed at the discretion of the Office of the Provost.
iii. This Policy and Procedures and the Age Act Committee Submission Form shall be available on the Office for Inclusion and Civil Rights (OICR) website.

B. Deliberative Process for Assessing Role of Age in University Activity, Program or Service:
i. Quorum Required: All Committee members share responsibility for the Committee’s decisions and are expected to fully participate in its decision-making processes. In order for the decision of the Committee to be valid, a majority of Committee members must take part in the deliberative process. The Committee shall attempt to reach its decision by consensus. In the event the participating Committee members cannot reach consensus, the outcome will be decided by a simple majority. Committee members should recuse themselves from a particular inquiry in the event they feel they may be unreasonably biased for any reason. The Provost may designate an alternate member in the event that a member elects to be recused from a case.
ii. Timeline: The Committee should complete its investigation and issue a decision no later than forty-five (45) calendar days from the original date of submission. Should the need arise, the Committee shall expedite its process as necessary to allow the student’s full participation in the program, service or activity, if approved, provided the Committee determines meeting the expedited timeframe does not unreasonably impair its deliberative process.

iii. Submission of Inquiry:
1. Any University Official may raise a concern about a student’s access to or participation in any University program, service, or activity based on that student’s age. In order to do so, the University Official may submit an Age Act Committee Submission Form, available on the Office for Inclusion and Civil Rights website, to the Office for Inclusion and Civil Rights.
2. Upon receipt, an Age Act Committee Chair will schedule a preliminary phone conference with the individual submitting the form to gain a better understanding of the circumstances giving rise to the inquiry. The objective of the conference is to collect enough information to address concerns about a student’s access to or participation in the subject University program, service, or activity based on age. Therefore, during the phone conference, the Age Act Committee Chair will seek to obtain as much information about the situation, including but not limited to the following:
a. A list of all other individuals (including University Officials) involved and the scope of their involvement;
b. The location and relevant dates and time;
c. The purpose and nature of the program, service, or activity;
d. A general understanding of the day-to-day workings of the program, service, or activity;
e. The deadline by which an answer from the Committee is required and the circumstances necessitating that deadline;
f. A list of third-party contractors that might be involved, their role and contact information; and
g. Any other information the Committee may need to carry out its inquiry.

3. The Age Act Committee Chair shall forward a copy of the Age Act Committee Submission Form to the Department Head/Program Director listed to provide them notice of the ongoing review and to solicit any additional relevant information this individual may have.

4. The Age Act Committee Chair shall work with the Committee to designate the Committee member who will serve as the “Recorder” for this particular inquiry. The Recorder is the individual responsible for taking and maintaining all documentation related to the particular request. All information maintained by the Recorder shall be considered in draft form until reviewed and approved by the other Committee members, at which point it becomes a final, official record of the Committee (“Final Record”).

iv. Fact-Gathering:
1. After the preliminary phone conference, the Committee shall identify the list of individuals with whom to speak (“Knowledgeable Parties”) and the appropriate order in which to meet with them to gain the best understanding of the relevant circumstances and, using the list, schedule a meeting with each Knowledgeable Party accordingly (“Consultation”).
2. In addition, the Committee shall also identify and obtain any additional documentation that might further its understanding of the situation, which may include but not necessarily be limited to third-party contracts, program regulations, mission statements, information from previous years, etc. The Committee may also identify and carry out any additional interviews that might further its understanding of the situation, including but not limited to interviews with the student and University faculty and staff.
3. Each Consultation shall include, but not be limited to, the following questions to the extent relevant to that Knowledgeable Party’s role:
a. What is the nature of the “normal operation” of the program, service, or activity?
b. What are the stated objectives of the program, service, or activity?
c. Can the student be admitted to the program, service, or activity without significant changes? Changes are significant if they impair the objectives identified in (iv)3b, above.
d. What characteristics must participants possess in order to ensure the normal operations of the program, service, or activity and why?
e. Can the presence of these characteristics be reasonably approximated by the use of age? Is it impractical to measure these characteristics on an individual basis?

v. Individualized Deliberation: Taking into account the information collected from all available sources, and considering the goals/objectives of the program, service, or activity at issue, the characteristics participants must possess in order to ensure preservation of the Normal Operation of the program, service, or activity, whether the presence of these characteristics can be reasonably approximated by the use of age and/or whether it is impractical to measure these characteristics on an individual basis, the Committee shall make a final, reasoned and deliberative determination with respect to the use of age as a proxy for other characteristics necessary to the normal operation of the program or activity at issue.

Limiting access or participation will only be appropriate in those circumstances where the student’s age would require changes to the normal operation of the program, service, or activity and such changes would impair the program, service or activity’s ability to meet its stated objectives (as defined by the Knowledgeable Parties, or where other age-based distinctions and/or factors to be considered, other than age, are permitted by the Age Act. If the student’s age necessitates reasonable modifications that would not significantly impair the program, service or activity’s ability to meet its objectives, age will not be a reasonable basis upon which to exclude the student.

The Committee shall use the following analysis:
a. The Committee will gain an understanding of the Normal Operation of the program, service, or activity. In doing so, it will identify the goals/objectives of the program, service, or activity.
b. The Committee will gain an understanding of and identify the characteristics participants must possess in order to ensure preservation of the Normal Operation of the program, service, or activity and why these characteristics are needed.
c. The Committee will identify whether the presence of these characteristics can be reasonably approximated by the use of age and/or whether it is impractical to measure these characteristics on an individual basis.
vi. Decision: Following its investigation and deliberations, the Committee shall make one of the following determinations:
1. The student’s age would impair the University program, service, or activity’s ability to carry out its Normal Operation, in which case the student may be denied participation;
2. Age-based concerns could be alleviated with changes that would not impair the ability of the program, service, or activity to meet its objectives, in which case the student will not be denied participation; or
3. The student’s age will not impair the ability of the program, service or activity to meet its objectives, in which case the student will not be denied participation.

vii. Response: The Committee must provide a response no later than forty-five (45) days after the original request. If the Committee determines that the student’s age would not impact the University program, service, or activity’s ability to carry out its Normal Operation, it will inform the University official who submitted the request via email, copying in the supervisor and Age Act Coordinator (or designee).
If the Committee determines that the student’s age would impact the University program, service, or activity’s ability to carry out its Normal Operation and no reasonable modifications can be made without altering its objectives, it shall inform the student via email of the decision, copying in the original requestor, supervisor, and Age Act Coordinator (or designee). This notification shall also provide the student with notice of the University’s grievance procedures for prompt and equitable resolution of complaints alleging violations of the Age Act, as well as external reporting options.

V. Additional Standards
A. Documents created during or as a result of these meetings that directly identify a student are “education records” as defined by FERPA and thus, are subject to review by the student to whom they pertain, and protected from unauthorized disclosure.
B. Documents created during or as a result of these meetings that do not directly identify any students may be “public records” under the Connecticut Freedom of Information Act, and thus may be subject to public disclosure.
C. Upon conclusion of an inquiry, the Committee shall retain Final Records for 5 years after the original inquiry, in compliance with Connecticut State Record Retention Schedule S1-330 (Planning Studies).
D. The Committee shall review these policies and procedures every five years to ensure compliance with federal and state laws and institutional needs.

VI. Grievance Procedures:
A. Complaints of Age Discrimination may be filed internally, at the Office for Inclusion and Civil Rights (OICR), by calling (860) 486-2943, by writing to OICR at the University of Connecticut; Wood Hall, 1st Floor, Unit 4175; 241 Glenbrook Road; Storrs, CT 06269-4175 or by emailing OICR at equity@uconn.edu.
B. Students also have the right to file a complaint with the Office of Civil Rights, within 180 days from the time the incident occurred at Office for Civil Rights, U.S. Department of Education; 8th Floor, 5 Post Office Square; Boston, MA 02109-3921.

Policy Created: December 7, 2011
Revised: July 7, 2014; November 1, 2019

Emergency Closing Policy

Posted on October 27, 2011February 17, 2026 by

Title:	Emergency Closing Policy
Policy Owner:	Office of the President, Office of the Provost, and Human Resources
Applies to:	Faculty, Staff, Students, Others
Campus Applicability:	All campuses except UConn Health
Approval Date:	August 30, 2023
Effective Date:	August 31, 2023
For More Information, Contact:	Human Resources and Labor Relations
Contact Information:	(860) 486-5684 or laborrelations@uconn.edu (860) 486-3034 or hr@uconn.edu
Official Website:	http://www.hr.uconn.edu/

PURPOSE

During inclement weather and other emergency situations at the University of Connecticut, the safety of our students, faculty, and staff is paramount. At the same time, the University has very important research, teaching, service, and outreach missions, and must maintain continuous and effective business operations. With due consideration to safety, the University will remain open and operate normally to the greatest extent possible. Faculty, staff, and students should evaluate their own circumstances carefully, exercise appropriate judgment, and take responsibility for their safety when making decisions during inclement weather.

The purpose of this policy is to provide direction to the University community in the rare circumstances when the University Administration decides to cancel classes; delay opening, release employees early, or close operations at some or all University campuses. This policy also explains how employees will be notified of the University’s decisions and clarifies expectations regarding attendance and performance of job-related duties. The policy applies to the entire University community, including administration, faculty, staff, and students, at all campuses except UConn Health.

POLICY STATEMENT

Decisions to alter the University’s normal operations and schedule for all campuses are made jointly by the President’s Office, Provost’s Office, University Safety, and the Head of Human Resources. Decisions about such alterations are made with full input from University Communications and Facilities Operations and Building Services for all campuses. Careful consideration will be given to the particular conditions and circumstances at each campus, and decisions will account for variations that may exist among the situations at different campuses.

When the University is open and operating normally, all employees are expected to make every effort commensurate with their personal safety to be at work. Individual academic departments and administrative units are not permitted to close and release employees. Those decisions will be made on a university-wide basis. Departments, regional campuses, and units may cancel special events they sponsor at their discretion and are responsible for communicating such cancellations.

If an emergency occurs that may require an adjustment in work schedules for an individual unit or small number of units (such as a power outage or flood in a single building), employees should work from another location if possible. Supervisors must obtain permission from the President’s Office and Provost’s Office as appropriate, before releasing employees from work for more than a short period of time.

Notification

The University will make announcements about closings or delayed openings as soon as feasible, and generally no later than 5 a.m. When conditions change rapidly or unexpectedly, however, the University may need to make or update decisions about classes and business operations on short notice.

The UConnALERT website, alert.uconn.edu, is the definitive source of information about the University’s operating status. All announcements regarding changes to the University’s operating schedule will be posted to this site as soon as decisions are made.

In addition to the UConnALERT website, advisory messages will be issued regarding closings, cancellations, early dismissals, or delays. UConn faculty, staff and students should visit alert.uconn.edu to register for cell phone text alerts, update their contact information, and obtain information related to emergency procedures and campus safety.

Community members may also call the University’s 24-hour emergency closing information number, (860) 486-3768, to check the University’s operating status for all campuses. Second and third shift employees are urged to call this number for information.

Individual units are responsible for communicating decisions about whether any special events they sponsor are postponed or canceled. Community members should contact the sponsoring units directly for information about such events. This applies to athletic events, performances, conferences, lectures, presentations, workshops, and other events hosted by a sub-unit of the University.

Expectations for Employees

This section summarizes the information applicable to:

All Employees (except essential/emergency support services staff)
Faculty/Class Instructors
Essential/Emergency Support Services Staff

All Employees (except essential/emergency support services staff)

When the University is open and operating normally, employees are expected to report to work. During inclement weather, employees are expected to plan accordingly, including accounting for extra time needed to travel to and from work. If an employee decides not to remain at or report to work because of concerns about travelling safely, employees may use vacation, personal, or other accrued time without advance approval. Employees must promptly notify their supervisors in these situations. Employees who anticipate concerns may discuss in advance the possibility of flex time or telecommuting with their supervisors.

When the University directs employees not to report to campus during a closing, delay, or cancellation, employees will not be charged leave unless their time off was already scheduled and approved. If an employee is on a scheduled day off due to sick leave, vacation, personal time, earned time, or leave of absence without pay during an official University closing, delay, or early release, the employee’s time will be charged accordingly.

Since employees who are not on a pre-approved leave during a closing would normally be present at work, employees are expected to be accessible and responsive to their supervisors as needed during their regularly scheduled work hours. Supervisors may require that employees check and respond to email regularly, respond to work calls, or attend virtual meetings, and may expect that assigned work that can be accomplished remotely is completed on time regardless of emergency cancellations. Likewise, supervisors may make reasonable adjustments to be able to continue University business, including holding meetings by teleconference and handling normal business by email, and employees who would normally be present at work may be required to participate.

Faculty/Class Instructors

All faculty at all campuses must abide by the University’s decision to remain open. If the University does not cancel classes, faculty are expected to hold classes as scheduled, except in circumstances when a faculty member determines that they are unable to travel safely to campus. In these exceptional cases, the faculty member must notify their dean and department head and must also notify all students in the class. Faculty must not cancel class prior to the University’s decision about whether the University will alter its normal schedule. Faculty may elect to hold classes virtually using online methods.

Only the instructor of record for a class may decide to cancel a class. Teaching Assistants may not make independent decisions to cancel classes or other activities related to classes; they must consult with the faculty member for the course.

Instructional time that is cancelled is expected to be made up in accordance with the By-Laws, Rules, and Regulations of the University Senate. The University’s academic calendar includes specified “emergency closing make-up dates.” Faculty who plan to use these times to make up class must inform students as soon as possible and reserve a classroom through the Registrar’s Office. Faculty may also make up classes at other times but must be sensitive to students’ availability to attend.

Faculty should respect the decisions of commuting students who decide not to travel to campus, or to leave class early in order to get home safely, and provide options for them to make up missed work. The Dean of Students Office is available to assist faculty and students with concerns about missed work.

Essential/Emergency Support Services Staff

Operations including university safety, residential and dining services, health services, animal care, facility maintenance, information technology services, student support services, transportation, and other important services may be required to continue even in severe weather or during other circumstances that require the University to cease other operations.

The University may designate employees as “Essential” employees (also known as “Emergency Support Services Staff”) if it determines their job functions are necessary or potentially necessary to conduct the University’s business even when the University is not operating normally. Employees designated as essential are typically expected to report to or remain at work when the University has a delayed opening, early release, or closure.

Individual Departments determine which, if any, of their employees are essential. Further, Departments may require all essential employees to report during any closure. Alternatively, Departments may develop a procedure that limits the number of essential employees required to report based on the nature or duration of the closure, the nature of the functions the Department performs, and the level of staffing needed. This approach is typically implemented through an “on call” notification system or a rotating assignment.

Departments are responsible for notifying essential employees annually of their designation. Employees hired into positions that are essential are first notified of their designation at the time of hire. In addition, the business needs of the University may change in ways that require other employees to be deemed essential even if they were not designated so at hire. In such cases, the Department will notify affected employees at the time of their designation. By October 1st of each year, Departments with essential employees must provide a list of these employees to Human Resources and Labor Relations.

Unless provided in the applicable collective bargaining agreement or authorized by the Governor, the University is prohibited from awarding compensatory time or extra compensation to essential employees for working during their regularly scheduled hours when the University has a delay, early release, or is closed.

ENFORCEMENT

RELATED PROCEDURES AND POLICIES

Time and attendance procedures for employees and supervisors are posted on the Payroll Department website at www.payroll.uconn.edu.

Requirements with respect to instructional time and making up time are defined in the By-Laws, Rules, and Regulations of the Senate (http://policy.uconn.edu/2011/05/19/by-laws-rules-and-regulations-of-the-university-senate/) and the University’s Credit Hour Policy (http://policy.uconn.edu/2012/08/22/credit-hour).

POLICY HISTORY

Policy adopted: October, 2012

Revisions:

November 26, 2014
August 27, 2015
August 30, 2023 (Approved by the Senior Policy Council and the President)
July 12, 2024 (Editorial revisions by University Compliance)

Surplus Property Policy and Procedures

Posted on June 2, 2011March 10, 2026 by Fearney, Kimberly

Title:	Surplus Property Policy and Procedures
Policy Owner:	Facilities Operations, Logistics
Applies to:	University Workforce Members, Students
Campus Applicability:	Storrs and Regional Campuses
Approval Date:	December 24, 2024
Effective Date:	January 1, 2025
For More Information, Contact	Surplus Operations
Contact Information:	surplus@uconn.edu
Official Website:	Surplus \| Facilities Operations

BACKGROUND

Proper disposition of State of Connecticut assets is required pursuant to Section 4a-57a of the Connecticut General Statutes. The University of Connecticut has the authority to dispose surplus, unused and/or unserviceable equipment and supplies in compliance with C.G.S. 4a-57a. The University of Connecticut Surplus Department (“the Surplus Department”) is responsible for administering the University’s Surplus Program and is authorized to make the determination regarding the disposition of assets that are no longer utilized by University departments.

PURPOSE

To establish the authority of the Surplus Department to administer the University’s Surplus Program in accordance with Federal Uniform Guidance regulations and Connecticut State statutes. This includes the authority to establish and maintain processes and procedures for the proper inventory control of the University’s tagged assets.

APPLIES TO

UConn Workforce Members at the Storrs and Regional Campuses. This policy does not apply to the deaccession of objects held by University Collections.

POLICY STATEMENT

The Surplus Department will determine the disposition of assets based on their condition and whether the asset(s) may be reissued to another department, transferred to another state agency or municipality, or donated to a nonprofit organization. Under no circumstances shall University property be discarded without proper disposition through the University’s inventory control and disposition software.

Assets acquired with grant funds must be disposed of in accordance with applicable federal regulations, sponsor requirements, and University policies. The Principal Investigator (PI) is responsible for ensuring compliance with the specific requirements set forth by the sponsoring agency, federal regulations, and University policies.

Export Control must be notified prior to disposing assets:

with an export control classification number (ECCN) or US Munitions List (USML) classification; or
created as a result of research conducted on behalf of and/or procured by sponsored funding from the U.S. Department of Defense or similar military and intelligence agencies in the US or abroad.

ENFORCEMENT

PROCEDURES

The Surplus Department uses the Asset Panda software (“Asset Panda”) to streamline the surplus process and track all University tagged assets. Departments must update the status of assets from “active” to “surplus” within Asset Panda. Assets not already in Asset Panda must be added by the department before being declared surplus. Asset Panda then transmits this information to the Surplus Department for review and processing.

University departments must follow these Procedures to send the following assets to the Surplus Department:

Refrigeration Units: Departments must enter a work order through Facilities Operations to remove refrigerants from refrigeration units as required by state and federal environmental regulations. Departments must forward the work order number with the asset entry before the Surplus Department will schedule a pickup.
Motors: Departments must submit a work order to Facilities Operations to remove oils from the motors as required by state and federal environmental regulations. Departments must forward the work order number with the entered asset as proof of the completed removal before the Surplus Department will schedule pickup.
Electronics with hard drives: It is the department’s responsibility to surplus all electronics with hard drives via Asset Panda and the Surplus Department’s responsibility to coordinate the hard drive destruction.

Employees may not purchase University assets directly from University departments, including assets such as cell phones, laptops, and wireless devices, among others. All assets must be processed through the Surplus Department when no longer needed.

The Surplus Department will determine whether assets sent to them will be recycled, made available to University departments, other state agencies or municipalities through the DAS surplus program/website.

REFERENCES

Code of Federal Regulations Title 2, Subtitle A, Chapter II, Part 200
Connecticut General Statutes § 4a-57a. (Distribution of surplus state property)

University Policy: Sponsored Award Closeout
Asset Panda Request and Training

POLICY HISTORY

Policy created: 2004
Revisions:
2014
06/07/2021 (Approved by President’s Cabinet)
07/26/2021 (Editorial revisions)
12/24/2024