August 24, 2023
When you first create your ACCESS ID, and every 12 months thereafter, you will be asked to accept and re-acknowledge your responsibilities regarding use of ACCESS systems and services, as well as use of ACCESS-allocated resources at ACCESS Resource Provider sites.
ACCESS and all affiliated Resource Providers have legal obligations to protect shared services and resources. You share this responsibility by observing and upholding the rules of acceptable use that are outlined in this document.
Your on-line assent to this Acceptable Use Policy (AUP) is your acknowledgment that you have read, understand and accept your responsibilities when using ACCESS services and any ACCESS Resource Provider resources. If you have questions, please contact the ACCESS Help Desk at https://support.access-ci.org/open-a-ticket.
Violations of this ACCESS AUP or Resource Provider policies may result in loss of access to both ACCESS services and Resource Provider resources. Activities in violation of any laws will be reported to the proper authorities for investigation and prosecution.
By using ACCESS-managed services and/or Resource Provider resources associated with an ACCESS allocation (hereafter, “ACCESS services and allocated resources”), you agree to comply with the following conditions of use:
- You will protect all accounts (i.e., IDs, account names, usernames) and credentials (e.g., passwords, private keys, tokens and [DUO or other] authenticator codes) that you use to authenticate to ACCESS and ACCESS Resource Provider resources. This includes:
- Using a strong, unique password for your ACCESS ID (e.g., see https://www.cisa.gov/news-events/news/choosing-and-protecting-passwords)
- Only entering your ACCESS credentials into access-ci.org sites and ACCESS Resource Provider systems that accept ACCESS credentials for login.
- Keeping your accounts and credentials private. You will not share your accounts nor access credentials with anyone else.
- You will have only one ACCESS ID and you will keep your ACCESS profile information up-to-date. If multiple identities are discovered for the same individual, those accounts and profiles will be merged or voided at ACCESS’s discretion.
- You will not use ACCESS services nor allocated resources for financial gain nor any unlawful purpose, nor attempt to breach or circumvent any ACCESS or Resource Provider administrative controls or security controls. You will comply with all applicable laws and relevant regulations, such as export control law and HIPAA.
- You will immediately report any known or suspected security breach or misuse of ACCESS access credentials to ACCESS Operations Cybersecurity at https://operations.access-ci.org/report-security-incident.
- You are responsible for backing up your data. Use of ACCESS services and allocated resources is at your own risk. There are no guarantees that resources and services will be available, that they will suit every purpose, nor that data will never be lost nor corrupted.
- You must comply with ACCESS policies and those of ACCESS Resource Providers.
- You agree to abide by the ACCESS Code of Conduct in your interactions with users and staff. See ACCESS Code of Conduct (https://access-ci.org/code-of-conduct/).
- In manuscripts submitted for publication and any other citable works, you will acknowledge all ACCESS services and use of specific ACCESS Resource Provider resource(s) contributing to research results. See the About ACCESS page (https://access-ci.org/about/) under the heading “Acknowledging ACCESS.”
- You agree to abide by the terms and conditions of 3rd party applications that you make use of through ACCESS and Resource Providers. It is your responsibility to read and understand those terms and conditions. For example, ACCESS uses Globus services for data transfer and other purposes. When you use Globus, you accept the Globus Terms of Service (https://www.globus.org/legal/terms).
The following acceptable use responsibilities apply more specifically to Resource Provider-managed resources and services, including those allocated through ACCESS processes and any ancillary services to which use is authorized as part of an ACCESS-allocated project:
- You will protect all login accounts and credentials (e.g., private keys, tokens, passwords, etc.) that are issued for your use by each ACCESS Resource Provider.
- You will not allow any other person to use any of your ACCESS Resource Provider accounts and credentials.
- You will only use ACCESS Resource Provider resources to perform work consistent with the stated allocation request goals and conditions of use as defined by your approved ACCESS project, this ACCESS Acceptable Use Policy, and the ACCESS Resource Provider’s policies.
- Access-granting organizations, your ACCESS allocation’s Principal Investigator (PI), and ACCESS Resource Providers are entitled to regulate, suspend or terminate your access, and you agree to comply with their instructions.
- PIs are responsible for properly vetting people that they add as authorized members of their project allocations, and by doing so the PI attests that the ACCESS ID of each authorized member corresponds correctly to the intended person. PIs will also ensure that individuals who use Resource Provider resources on the PI’s ACCESS allocation adhere to this Acceptable Use Policy.
- Allocations on Resource Provider resources are awarded for open research intended for publication together with support for educational and training activities. You will respect all applicable intellectual property rights and adhere to confidentiality agreements.
- You are responsible for working with your local government, home institution and ACCESS Resource Providers to determine what regulations may apply to you regarding your activities and data use such as export control law or HIPAA.