July 25, 2000
TO: Beams Division Personnel
FROM: John Marriner
SUBJECT: Beams Division Web Policy
Fermilab is proud of being an open laboratory where all kinds of subjects are publicly discussed with as few restrictions as possible. It is Fermilab policy to encourage that our web sites reflect this openness and that normally our information is posted on web sites with public visibility.
Nonetheless, it should be obvious that it would be inappropriate (in a few rare cases, even illegal) for some kinds of information to be posted with unrestricted web visibility outside of Fermilab or the immediate group of people who need to work with that information. Use "Password Protected" or "Restricted to Fermilab Domain Only" pages where a clear justification for such restriction exists. The links to those restricted pages should be clearly indicated "internal use only" or with a similar statement.
This memo is to provide guidance for Beams Division personnel as to what kinds of Fermilab information should not be publicly visible on the web. For additional guidance on what kinds of non-Fermilab information are not appropriate for posting, see Section 2 of the Fermilab Policy on Computing, "Publishing and Accessing Information on Electronic Networks" as well as the "Appropriate Use" discussion in Section 1, "Policies and Rules to Protect Fermilab Computing".
Professional (personal) web pages should be predominately professional in content.
Following is a list of what Fermilab information should not be publicly visible:
1. Proprietary information from companies with whom we do business that is subject to a signed non-disclosure agreement or which has been marked clearly as proprietary.
2. Information that would identify an individual associated with that individual's payroll, medical, or radiation exposure data.
3. Personnel reviews and letters of reference.
4. Pre-procurement information whose public release could compromise the fairness of a pending procurement.
5. Information, which could be used to compromise computer security, such as passwords or other data which confers access privilege.
6. Working materials of review and audit teams while their review is in progress.
7. Commercial licensed software and other commercial material with a copyright label.
8. Information related to legal actions affecting Fermilab.
I have delegated to the Associate and Assistant Division Heads, Department Heads, and Project Leaders the responsibility for the material on web pages generated by division employees. This authority can be further delegated as needed.