Princeton University Information Technology Policy

Employees of the University should understand that electronic information is governed by the same laws and regulations as are paper documents, including statutes protecting the privacy of student records, medical information, and personally identifiable information. Employees are expected to apply to electronic information the same record retention practices applied to paper documents.

Employees are responsible for retaining information that is of value to the University, whether that is for business processes, for legal purposes, or historical value. The University has a  Record Retention Policy offering recommended retention periods for common University records. Disposition of records created, retained or stored in information systems, computers, other networked devices, mobile devices, external storage services, or stand-alone storage devices should proceed on the same basis as for traditional paper records.

E-mail should be handled as any other correspondence in terms of retention and disposal. There are three ways of preserving e-mail: on the e-mail system, within an office’s paper files, or in some form of electronic record keeping system, for example OnBase. As a general rule, the longer the message must be maintained or the more it need to be shared, the greater the need to remove it from the e-mail system and store it as hard copy (including the metadata accompanying the message) or in an electronic record keeping system. Attachments must also be identified and linked to the original message so that they may be easily located. Regardless of the methodology chosen, the authenticity and integrity of the entire e-mail message should be preserved.

Generally speaking, e-mail systems are communication systems, not record keeping systems, and are not designed for the efficient management or preservation of messages stored on them. Storage of e-mail to some form of record-keeping application most fully satisfies the need of current access to e-mail and also enhances value by allowing searching and sorting, maintaining linkages, and allowing for the full integration of the e-mail file into the offices’ workflow processes. Such systems also offer the potential for preserving and making accessible records scheduled for long-term retention. E-mail retained in electronic format must be migrated to new software and storage media as upgrades occur.

Like all records, e-mail eventually will cease to be useful to the office, and at this point should be deleted from the inbox and/or sent folders. Then the “Trash” or “Deleted Items” folder must be emptied (either manually or on an automated schedule) to properly dispose of the e-mail record. Then the records truly are deleted. (While it may be possible for a specialist to reconstruct the deleted files, it is not necessary for you to do anything further.)

When you trade in or replace a computer or other networked device, it is required that you or your computing support specialist use appropriate effective software to remove any and all data from the hard drive, or if warranted, destroy the hard drive by means approved by the University’s Information Security Officer. As with the disposition of any other University records, e-mail disposal should be regularized and documented. With respect to back-up media, it is recommended that these storage devices be physically destroyed when no longer needed.

You are responsible for knowing the content of important e-mail communications sent to you by University officials.

Faculty and staff who have e-mail accounts with services outside the University are encouraged to use only their University-managed e-mail accounts for communications regarding University matters to better protect the privacy and security of University data. Moreover, use of University-managed e-mail accounts will facilitate responses to subpoenas and other situations that may require the retrieval, inspection or production of documents including e-mail.

Princeton account-holders who have their e-mail copied or forwarded to an outside account must take care to avoid marking any such copied or forwarded mail as spam. Major Internet service providers have barred all e-mail coming from the Princeton domain when the provider's customers have marked as spam what the provider perceives to be too many messages. Such incidents can interfere with the business of the University as well as impede communication for members of the University community.

You are responsible for assuring that there are backups of important documents and files which reside on systems supported by the University, and for protection against unauthorized access to, sharing, or viewing of, any sensitive information or any copyrighted material stored on your networked device or account.

If you have authorized or inadvertent access to sensitive or confidential data, you must observe the University's Information Security Policy and know which University office has stewardship of, and authority over, the information. Any handling of such data, whether in hard-copy form, on University-owned equipment, or via personally-owned home devices, should be done in the most secure confidential manner.

In the event of unauthorized access to University data, whether through theft or loss of portable devices such as USB drives, laptops, smart phones or other devices, or any other kind of breach of security, the individual who possessed the device or learns of the breach is responsible for notifying the appropriate University offices of a potential data breach, and assisting with the University’s data breach response.

Sensitive data should not be stored on laptop computers, flash drives, smart phones, or other devices that are easy to carry away. If it is absolutely necessary to store sensitive or confidential information on such a device, the information must be encrypted to protect it from view should the device fall into unauthorized hands. It also is essential to provide adequate physical security for any device, including a desktop machine that contains sensitive data. The University-endorsed encryption product or protocol should be used whenever possible. If the University has not yet endorsed a particular product or protocol for the platform you use, you should be prepared to use one when it is announced as endorsed.

Those who travel on University business should know that some encryption software may not be taken out of the United States. For that reason, and to avoid transporting unneeded University data, it may be prudent to travel with a computer or mobile device specially configured for travel rather than with the laptop or mobile device used locally at Princeton.

If you are responsible for data that are important to the University and that are created or stored on portable devices, you also are responsible for ensuring that the information is backed up regularly in a form that permits ready retrieval.

The advent of storage services in “the cloud” (for example DropBox) provides a tempting alternative for those who use portable network devices or have computers stationary in several locations. However, the security of such services has yet to stand the test of time. Unless the University can establish or recommend a particular service, your storing confidential or sensitive University information in such a “cloud” service poses serious risks, analogous to storing such information unencrypted on a readily-portable device.

The Princeton Desktop Council (DeSC) has indicated that peer-to-peer file-sharing software may not be installed or used on Princeton's DeSC computers because such applications could expose to Internet access information that is sensitive, confidential, or University-private.

The “people search” facility on the Princeton University home page returns an acceptable use policy statement with the results of a search. The statement is intended to prevent misuse of contact information by marketers and others. If a department provides a “people search” feature as part of a departmental website, it should include a similar statement.