Policy on Reporting Actual, Attempted, or Suspected Misuse of University Resources

Title

The University of North Carolina at Chapel Hill Policy on Reporting Actual, Attempted, or Suspected Misuse of University Resources

Introduction

Purpose

To provide guidance regarding requirements to report actual, attempted, or suspected:

  • Arson;
  • Damage;
  • Embezzlement;
  • Theft; or
  • Misuse

of University of North Carolina at Chapel Hill (UNC-Chapel Hill) property or resources.

Scope of Applicability

This policy applies to all employees (faculty, staff, teaching assistants, and research assistants; temporary and permanent) of UNC-Chapel Hill.

UNC-Chapel Hill students and affiliates are not required to report actual, attempted, or suspected misuse of UNC-Chapel Hill property or resources but may report using one of the methods described in this policy.

Policy

Policy Statement

Any UNC-Chapel Hill employee who has information about actual, attempted, or suspected misuse of UNC-Chapel Hill property or resources must communicate information about these concerns for investigation and resolution. (NC General Statute §143B-920).

Federal law, North Carolina General Statutes, and UNC-Chapel Hill policy provide employees who make good-faith reports of actual or suspected misuse of UNC-Chapel Hill property or resources with protection from retaliation related to having made the report. Refer to the Related Requirements section of this policy for more information.

NC General Statute §143B-920 and this policy use a broad term of “misuse” that includes: arson; damage; theft; embezzlement; or other misuse of state-owned personal or real property.

NOTE: Lost or stolen computers, laptops, mobile communication devices, tablets, external storage devices, etc. (IT devices) must be reported, immediately, to the Information Security Office through the ITS Service Desk at 919-962-HELP (919-962-4357).

IT devices may contain sensitive or protected information whose loss or exposure has additional disclosure and reporting requirements. Therefore, personal-owned IT devices that contain UNC-Chapel Hill data should also be reported to the ITS Service desk.

Employees must report concerns about actual, attempted, or suspected misuse of UNC-Chapel Hill property or resources as soon as possible but no later than three (3) calendar days of learning of an incident. Employees should report:

  • Arson, damage, or theft of UNC-Chapel Hill property to their immediate supervisor or to UNC Police.
  • Embezzlement, fraud, or theft by a UNC-Chapel Hill employee to their immediate supervisor who must notify the UNC Police.

If an employee believes their supervisor is engaged in wrong-doing, the employee should report the concerns to management above the employee's supervisor. Alternatively, employees may report concerns to the Internal Audit Department or, anonymously to the Carolina Ethics Line or the Office of the State Auditor’s Hotline.

A supervisor or other member of management who receives a report of misuse must notify UNC Police within three (3) calendar days of receipt. If the information involves embezzlement or fraud, a supervisor or manager should also contact the Internal Audit Department.

If a UNC-Chapel Hill employee is suspected of actual or attempted misuse of UNC-Chapel Hill property or resources, management must also notify Employee/Management Relations in the UNC-Chapel Hill Office of Human Resources.

UNC Police must report, in writing, information about actual, attempted, or suspected misuse of UNC-Chapel Hill property or resources to the Director of the State Bureau of Investigation no later 10 days from receiving the information. 

Refer to “Contact Information” for additional information.

Exceptions

Does not apply to property or resources owned by an associated entity of UNC-Chapel Hill unless the property or resources contain UNC-Chapel Hill-owned information.

Definitions

Affiliate: Individuals who are volunteers, unpaid interns, visiting scholars, or independent contractors for UNC-Chapel Hill.

Associated Entity: Any foundation, association, corporation, limited liability company (LLC), partnership, or other nonprofit entity that was:

  1. established by officers of UNC-Chapel Hill; or
  2. that is controlled by UNC-Chapel Hill; or
  3. that raises funds in the name of UNC-Chapel Hill; or
  4. that has a primary purpose of providing services or conducting activities in furtherance of UNC-Chapel Hill’s mission pursuant to an agreement with UNC-Chapel Hill; or
  5. that has a tax-exempt status that is based on being a support organization for UNC-Chapel Hill.

Embezzlement:The fraudulent conversion of another's property by a person who is in a position of trust such as someone who has custody of property or resources or decision-making authority over use of property or resources. May include use of public funds to pay for personal items or theft by an employee of cash, checks, revenue, or other property belonging to UNC-Chapel Hill.

Good-faith report: Any communication or report about known or suspected wrongful conduct based on a reasonable belief that the conduct has both occurred and is wrongful under applicable law, regulation, UNC-Chapel Hill policy, and/or ethical and professional standards. Good-faith reports do not disregard facts that would disprove the report and are not based upon bias, malice, or other ill intent.

Retaliation: Acts or words taken (e.g. intimidation, threats, coercion, unfavorable employment or education actions) against a person because the person participated in good faith in the reporting, investigation, or resolution of a known or suspected violation of law, regulation, UNC-Chapel Hill policy, and/or ethical and professional standards.

Theft: The unlawful taking or another’s property with intent to deprive the rightful owner of it.

UNC-Chapel Hill Resources: Funds appropriated by the General Assembly or collected by UNC-Chapel Hill regardless of the source of the funds (public funds). Property purchased with public funds or owned by UNC-Chapel Hill including information systems, software licenses, data, supplies, equipment, buildings, and other real property.

Related Requirements

External Regulations and Consequences

University Policies, Standards, and Procedures

Contact Information

Policy Contacts

UNC Police

  • 919-962-8100 (non-emergency number for reporting crimes)

Internal Audit Department

  • 919-962-5524

Other Contacts

UNC-Chapel Hill Reporting Hotline

UNC-Chapel Hill IT Service Desk

  • 919-962-HELP (919-962-3457)

UNC-Chapel Hill Office of Central Compliance

Office of the State Auditor

  • Toll-free hotline: 1-800-730-TIPS (1-800-730-8477)
  • Fax: 919-807-7647
  • On-line reporting is available 24/7
  • A hotline phone app is available from the iTunes or Google store.

Details

Article ID: 132132
Created
Thu 4/8/21 9:24 PM
Modified
Tue 10/25/22 1:36 PM
Effective Date
If the date on which this document became/becomes enforceable differs from the Origination or Last Revision, this attribute reflects the date on which it is/was enforcable.
10/20/2022 12:00 AM
Issuing Officer
Name of the document Issuing Officer. This is the individual whose organizational authority covers the policy scope and who is primarily responsible for the policy.
Issuing Officer Title
Title of the person who is primarily responsible for issuing this policy.
Vice Chancellor for Institutional Integrity and Risk Management
Last Review
Date on which the most recent document review was completed.
10/20/2022 12:00 AM
Last Revised
Date on which the most recent changes to this document were approved.
10/20/2022 12:00 AM
Next Review
Date on which the next document review is due.
10/20/2023 12:00 AM
Origination
Date on which the original version of this document was first made official.
06/26/2018 12:00 AM
Responsible Unit
School, Department, or other organizational unit issuing this document.
Institutional Integrity and Risk Management