Summer 2016
Our goals for this publication is to raise awareness of trending compliance issues that pertain to all employees and departments and to provide a refresher of the compliance program services and help line.
Think Before you Click
Never share your UVM login or password. With anyone. Ever
Most breaches occur because of human error. One of the most common is called "phishing". Bad guys send out emails making it look like something official. They use scary tactics and fear to get you to respond...they make it sound like bad things will happen if you don't. They are trying to trick you.
Continue reading...
If the email is asking you to enter your user name and password, if the email says things like, "Your mailbox will be deleted" or that "in order to increase your mailbox size you must do" something... it's not official. It's a scam. With your login information, criminals can gain access to our systems and to your personal information like your social security number or your bank account information.
THINK BEFORE YOU CLICK
If you receive an email that either asks for your user name and password or brings you to a website that asks you to enter your user name and password, STOP!! Take a couple seconds (really, it just takes a couple seconds) and verify. How? Follow these steps:
- Put your cursor over the web address and see what pops up. That's it!! One step. If you see www.uvm.edu followed by something else, it's ok.
- If the web address says something completely different, report it to iso@uvm.edu.
This is where it gets a bit tricky.
If the web address does not have the "uvm.edu," before the first single slash ("/"), it's a trick and should be reported to iso@uvm.edu.
Just because "uvm.edu" is in the address somewhere, it doesn't mean it's OK...it HAS to be before the first single slash.
In general, if the website really comes from someone at UVM, it will start with www.uvm.edu or www.something.uvm.edu. If it starts with anything else, THINK BEFORE YOU CLICK. Contact iso@uvm.edu to be sure.
Nobody...and I repeat NOBODY...in an official capacity at UVM should be asking you for your login information. Ever. Also, emails that are for an official purpose will not use scare tactics. They won't make you panic. If the email does any of these things, contact iso@uvm.edu.
If you are ever unsure, THINK BEFORE YOU CLICK. Pause before you enter your login information. Contact ISO@uvm.edu, call the Chief Privacy Officer at 6-2003 or contact the compliance department at compliance@uvm.edu or 6-3086. Visit the Information Secuirty webpage for more information.
Recognizing and Curbing Discriminatory Harassment: What it is, Where it happens and What to do
The University prohibits sexual and other bias based harassment including harassing behavior motivated by race, color, religion, ancestry, national origin, place of birth, sexual orientation, disability, age, positive HIV-related blood test results, genetic information, gender identity or expression, or veteran status.
The effects of harassment on employees can be devastating. Unchecked harassment can erode trust, weaken goodwill and undermine productivity, as well as put our University at legal and financial risk. Harassment also is one of the factors cited in many compliance reports. It may not be the main topic of the report but as we get into the investigation, there are often elements of harassment that find their way into the report.
Continue reading...
The good news is that you, particularly if you are a manager or supervisor, can help maintain a positive workplace environment... an environment in which everyone has the opportunity to thrive. Here are some ways we can help prevent and stop harassing behavior in our workplace:
1) Recognize Harassing Behavior When You See It
Harassment typically takes one of three forms:
- Verbal Harassment: Sexually explicit or derogatory jokes, innuendo, name-calling, insults, comments or other verbal behavior based on a person's race, gender, religion, age, sexual orientation, or other protected characteristic as noted above.
- Physical Harassment: Inappropriate physical conduct, including unwanted touching or gestures. While physical harassment most often is based on sex, it can relate to any protected characteristic, including religion and disability.
- Visual Harassment: Any visual material, including posters, calendars, screen savers, web pages, comics, personal photos that is sexually explicit or derogatory of a protected characteristic.
2) Address the Behavior Right Away
We have a duty to protect all of our employees from harassment and discrimination. As part of that, supervisors and managers have a "duty to act" whenever they become aware of potential harassment-regardless of how you learn of it.
If a manager or supervisor sees or overhears behaviors that are potentially harassing, the best option is to address it right then, on the spot. You do not need to be aggressive, but you do need to point out that their behavior is inappropriate and stop it. Non-supervisors are also encouraged to address the behavior, but may feel more comfortable reporting the behavior to the employee's supervisor or via AAEO's Bias, Discrimination, & Harassment Incident Reporting Form (opens in new window).
Remember, doing nothing is never an acceptable option. When in doubt, at a bare minimum, reach out to AAEO or Compliance Services for guidance. You can contact AAEO at (802) 656-3368 or via AAEO's Bias, Discrimination, & Harassment Incident Reporting Form (opens in new window).
You can also contact the Office of Compliance Services at (802)-656-3086 or can report via the Ethics and Compliance Reporting & HelpLine (opens in new window)
3) Know Where Our Policies Apply
Our policies apply in any work-related setting-not just at daily work sites.
University functions held off-campus or during non-work hours, conferences, and business meals all typically are "work-related settings," harassing behaviors are prohibited in those settings as well. Visit UVM's anti-harassment policies and procedures.
4) Lead by Example
All employees' behavior, but particularly that of managers and supervisors, sets the tone for the workplace. Always be respectful and professional and others likely will follow suit. If you have any doubt, before you act, ask yourself whether you would be comfortable if your behavior were recorded with a smartphone and then posted to the internet, with a link sent to our senior leadership. If not, the behavior does not belong in the workplace!
Chatter: Fundraising for Non-UVM Groups
Are you selling raffle tickets for your child's school or having a bake sale to benefit a non-UVM group? Read on.....
In this section, we will go into a little more detail about a variety of selected topics designed to get people thinking about situations a little differently. If there is a black & white answer, we'll give it. If not, we'll try to explain the gray. Whenever possible, we will give real life examples. If you have a topic you'd like to see included, let us know. As always, individual identifying information will never be published without permission.
Recently, our office received an anonymous report of non-compliance. While all reports receive some level of investigation, let's map this out using both the way it was received (via an anonymous letter) and the way the investigation would have gone had the reporter used the Ethics and Compliance Reporting & HelpLine.
This edition of Chatter will address these two scenarios: (1) Can you sell raffle tickets or ask for donations from your co-workers? (2) Can you use University space for a purpose that is unrelated to University operations? And the answer is...
Continue reading...
It depends.
There are some policy requirements that must be met in order for certain scenarios to be acceptable. For example, the Solicitation policy requires that space be reserved for commercial solicitation (i.e., visits from vendors, sales of anything that benefits a for-profit entity). Under this same policy, reservations are not required for non-commercial solicitation (i.e., charitable fundraising for the benefit of the University, University-recognized groups and organizations, or other nonprofit or charitable organizations) in specific public locations that have been identified in the policy. Regardless of whether it is commercial or non-commercial solicitation, the use of the space cannot interfere with usual University operations. So, what does all that mean?
Asking co-workers to buy a raffle ticket does not violate UVM's policies as long as it doesn't interfere with the performance of your job, it is not done in a harassing or threatening manner and the purchase or donation is not required. This becomes especially tricky if you are a manager or supervisor and are asking your direct reports to purchase a raffle ticket, donate to a charity or sponsor you for a 5K. Those in a position of authority need to be sensitive to the individual situations of their colleagues. Does the manager make direct reports feel that they have to purchase something? Are direct reports going to feel as if not purchasing will make them look bad? Do those that donate get preferential treatment? Remember that everyone brings their own unique background to the table. Being a manager or supervisor inherently has some level of power. It may be best to avoid asking direct reports to buy a ticket or to donate unless you are certain that it will not be a problem.
Now, what about the bake sale? Let's assume that the bake sale was for a charitable organization so it qualified as non-commercial solicitation. This could be done in University space without prior reservation as long as it didn't interfere with usual operations. The use of the break room would be allowed as long as the use didn't prevent staff from using the space as designed. For example, if the bake sale took over the whole room during lunch and staff couldn't sit and eat, that would be prohibited. If it were a box of cupcakes and cookies sitting on the counter but staff could still eat lunch, that should not pose a problem.
Colleagues are often happy to help. Making a donation to a good cause or buying something as part of a fundraiser is something that people have been doing for ages. My parents brought candy bars to work when I still had hopes I'd be a professional soccer player. I've been donating to various charity walks, runs, etc. and I've bought more Girl Scout Cookies than I'd care to admit. But, it's when those things get in the way of official operations, when purchases and donations are expected or when others are inconvenienced that trouble arises.
Of course, there is always a chance that your department has specific policies that are more stringent than the University-wide policies so it's a good idea to check with your manager or supervisor before doing any fundraising or before using department space for any reason that is not related to University operations.
Spotlight on Policies
In policy spotlight, we focus on relevant and timely policies. It is your responsibility to read and understand the policies that pertain to your job. If you don't understand something or have questions, let your manager or supervisor know. You can always contact the Office of Compliance Services for help with anything policy-related.
This newsletter is focusing on existing policies that have recently been updated with important new revisions, Grievance and Peer Advisor Policy for Unrepresented Staff and the Effort Managing and Reporting on Sponsored Programs.
Continue reading...
Grievance and Peer Advisor Policy for Non-Represented Staff
The newly revised policy highlights include:
- Encouraging communication between employees and supervisors to address concerns prior to initiating a grievance.
- Clarifying the role of Peer Advisors in the grievance process.
- Simplifying what constitutes a grievance.
- Outlining how grievances are processed when an employee chooses to pursue a complaint of discrimination with the AAEO Office as part of the grievance allegations, when applicable.
- Eliminating the the formal mediation process to resolve disputes; however, the policy encourages employees and their supervisors to informally mediate potential grievances.
The complete Grievance and Peer Advisor Policy for Non-Represented Staff policy (PDF) may be found on the University's policy website.
Effort Management and Reporting on Sponsored Agreements
New changes and flexibility, due in part to new Federal Regulations (Uniform Guidance), include:
- PI's and Co PI's may now perform quarterly verifications and certifications for certain individuals working on awards they oversee.
- Faculty overload salary and related effort is now excluded from Institutional Base Salary (IBS) for non-12 month faculty. This includes supplemental compensation for Continuing and Distance Education classes.
- The length of absence or disengagement of effort on a project that would require sponsor pre-approval has been defined as three consecutive months or longer.
The complete Effort Management and Reporting on Sponsored Agreements policy (PDF) may be found on the University's policy website.