This guideline sets the expectation of access to employee email as well as the mechanisms by which employee email can be accessed by IT staff.
Confidentiality of electronic mail cannot be assured. Confidentiality may be compromised by unintended redistribution, or due to technologies that may not protect against unauthorized access. In addition, any confidentiality may be subordinate to the application of law, guideline or policy, including this guideline.
Users should assume that the contents of email might be accessible to persons other than the recipient.
Users should be aware that, during the performance of their duties, network and systems administrators need to observe the contents of certain data, on storage devices and in transit, to ensure proper functioning of the university’s IT facilities. During these processes the contents of email messages may be visible.
The university has a legitimate right to capture and inspect any data stored or transmitted on the University’s IT facilities (regardless of data ownership), when investigating system problems or potential security violations, and to prevent, detect or minimize unacceptable behavior on that facility. This includes where maintaining system security and integrity including the management of unsolicited mail and virus protection.
The contents of electronic mail will not be released to persons within or outside of the university, except in response to:
Access to any data will always be via network or systems administrators, or via persons nominated by the Chief Technology Officer. The university’s policy and statutory legislation relating to privacy will be upheld in all cases.
Updated April 1, 2013.