20.21 - Electronic Commerce
July 21, 2009 (formerly APM 80.10)
A. General. For purposes of this section, electronic commerce is defined as the use of electronic ordering and payment mechanisms via an interactive electronic mechanism such as the World Wide Web to effect remote payment for University of Idaho goods or services. This section does not cover business-to business ecommerce pursuant to which the University purchases goods or services or to electronic ordering and payment mechanism that are typically used between other businesses or institutions and the University of Idaho, usually referred to as Electronic Date Interchange (EDI) or Electron Funds Transfer (EFT).
B. Process. Electronic commerce provides a convenient way to handle business transactions such as conference registration or the purchase of course materials. However, reasonable steps should be taken to protect the personal information and privacy of purchasers. It is also in the University’s best interest to facilitate the transfer of electronic commerce transactions data to its financial systems. The purpose of this section is to establish guidelines for electronic commerce.
C. Procedure. Any use of electronic commerce at the University of Idaho must be consistent with APM 20.60, Unrelated Business Income (Tax), which cautions the use of University of Idaho resources for any activity not related to the University’s mission. [ed. 7-09]
C-1. Electronic Commerce Software. The University of Idaho provides a centralized E-Commerce software solution through a product called Revenue Stream. Units planning to offer online sales of goods and services can request the establishment of an online store through the university web master (eCommerce website or firstname.lastname@example.org).
C-2. Goods or Services Offered. Goods or services offered for sale must be related to the core mission of the department or unit.
C-3. Departmental Participation. Departments wishing to engage in electronic commerce must either use Revenue Stream to provide online order management services or offer evidence to the E-Commerce Coordination Team (eCommerce website or email@example.com) that the university software solution cannot meet the department’s functional business needs and that an alternative vendor or software solution meets the University requirements for security and for integrating transaction information into Banner financial systems.
C-4. Alternative Solutions. Departments are responsible for all costs, maintenance, operations and upkeep of any alternative vendor or software solution. Alternative solutions will be expected to complete post-use clean-up and are held to all institutional standards and business practices.
C-5. Confidentiality of Data. Departments are responsible for safeguarding the confidentiality of data related to purchases of goods or services. Specific guidelines are:
i) Use a secure connection to a transaction service vendor (such as the one provided to the University of Idaho by its authorized vendor).
ii) Do not store any electronic payment (e.g., credit card) information locally.
iii) If gathering other information about purchasers, maintain this information in a secure manner, restricting access to those who have a valid need to know.
C-6. Advertising Policy. If the website is in the University of Idaho domain, no hosting of third-party advertising is allowed.
D. Departmental Costs of Participation. Departments engaging in electronic commerce applications will be assessed an annual fee and transaction charges based upon a percentage of sales. A portion of transaction fees may be refunded annually on a prorated basis dependent upon the cost of maintaining the system and the volume of annual transactions.