...
Protecting University data:http://www.cit.cornell.edu/security/data/index.cfm
Review Security of Electronic University Administrative Information: http://www.dfa.cornell.edu/dfa/cms/treasurer/policyoffice/policies/volumes/informationtech/upload/vol5_10.pdf
Use of university owned computer equipment - see: http://internal.cit.cornell.edu/Internal_Computer_Policies/Univ_Owned_Equip.html
Voyeurism - refer to Data Stewareship & Custodianship Policy -- http://www.dfa.cornell.edu/dfa/cms/treasurer/policyoffice/policies/volumes/governance/upload/vol4_12.pdf especially the section "General Prohibitions". Note: data modifications you do in non production environments to accomplish your job are fine. Data modifications to production that are requested by the appropriate user office and tracked according to IS policies are fine.