Email Retention Policy
The University’s Email Retention Policy and Procedure (hereinafter the “Policy”) has been developed to prescribe the amount of time that email messages are archived based on regulatory requirements as well as the technical means deployed by the University’s Information Technology (hereinafter “IT”) Department.
This Policy applies to Fordham’s Gmail™ services for staff, faculty, authorized guests, students, and alumni.
- Archiving is enabled on Fordham’s Gmail services for faculty, staff, authorized guests, students, and alumni. All email messages that are sent or received via Fordham’s Gmail servers are retained for a period of 8 years in an archive system. The archive system operates on an instantaneous basis when any email is communicated through Gmail. Any email messages that are over eight years old will be automatically deleted by the archival system. In the event that the University is legally obligated to preserve emails, the University will suspend deletion of messages by the archive system until such time as the legal obligation no longer applies.
- Individuals may save copies of email and attachments before the retention period expires by transferring them to other electronic environments and media and/or by copying them on paper. Originators and recipients of email are responsible for identifying and saving documents that must be retained in order to comply with federal, state, or local laws, University Policies, or with other legal obligations or requirements. Individuals should not rely on the archive system for any purpose including, but not limited to, the individual’s need or desire to retain, access, or otherwise preserve any email or related contents or attachments.
- Email usage must be in compliance with the Acceptable Use Policy of the University and in particular the Email Usage section of that policy.
|Responsible Person||Office of Legal Counsel|
|Approved By||Office of Legal Counsel|
|Approval Date||January 15, 2016|
Policy Disclaimer Statement
Deviations from policies, procedures, or guidelines published and approved by the University Information Security Office (UISO) may only be done cooperatively between the UISO and the requesting entity with sufficient time to allow for appropriate risk analysis, documentation, and possible presentation to authorized University representatives. Failure to adhere to UISO written policies may be met with University sanctions.