Google+
ITS and UVa logos for printed output

Office 365 Project

Requirements for Use of Personal Accounts or Redirection for University Email

For reasons outlined at the end of this agreement, you are strongly advised NOT to redirect or auto-forward email sent to your UVA-provided email address(es) to personal, non-UVA email service(s).

If you wish to use a personal email account for your University work activities, or redirect a University account to a personal email account, you MUST agree to ALL of the following:

  1. You agree to provide access to or copies of all email received or sent concerning University business to the University if requested in accordance with the Freedom of Information Act, internal investigations or audits, subpoena, search warrant or other legal actions.
  2. You agree to turn over to department supervisor/chair all emails sent or received concerning University business when your employment relationship with the University has ended.
  3. You agree to retain all email received or sent concerning University matters in accordance with the University Records retention and disposition schedules on the Records Management Office website.
  4. You agree you will not transmit highly sensitive data via email in accordance with the Institutional Data Protection Standards or student data protected under FERPA.
  5. You agree to comply with all University IT policies.
  6. You agree to take full responsibility for the security, back-up and management of all email sent or received concerning University business or transactions held within the email account.

Definitions

Email as a University Record: Email and/or email attachments that document a transaction or activity by or with any appointed board member, officer, or employee of the University. The recorded information is a University Record if it is produced, collected, received or retained in pursuance of law or in connection with the transaction of university business. University Records include but are not limited to: personnel records, student records, research records, financial records, patient records and administrative records.

Highly Sensitive Data: Includes personal information that can lead to identity theft if exposed and health information that reveals an individual's health condition and/or history of health services use. Details and examples are provided here.

An Education Record under FERPA: is any record that is: (1) directly related to a student; and (2) maintained by an educational agency or institution, or by a party acting for the agency or institution (for example, faculty or staff of the University). More information is provided here.

Every University of Virginia employee is assigned a unique email address to aid in the performance of University-related activities. Accordingly, all employees are strongly encouraged to use the University's secure email systems (i.e., the UVA Centralized Exchange Service) for all workplace communications.

Reasons for this Policy Recommendation

Redirecting your UVA email to a personal, non-UVA email account exposes you and UVA to the following hazards:

  • It removes any guarantee of security and privacy for sensitive University business-related information that may be contained within email text or attachments.
  • It leaves no official records in the University system. If a demand for such records is made in litigation or under the Virginia Freedom of Information Act (FOIA), you may be required to search within, or provide access to, your personal email account for University business records to be recovered.
  • It makes it impossible for UVA technical staff to assist with technology issues related to your outside email provider's services, including the recovery of emails lost due to the provider's service failures.

  Page Updated: Tuesday 2017-07-25 14:58:45 EDT