Email Retention Policy
Version 2.0
For Students, Faculty, Staff, Guests, Alumni
Purpose
The purpose of this policy is to inform Users of the retention period for Fordham University’s Gmail™ messages.
Scope
This policy, and all policies referenced herein, shall apply to all members of the University community, including faculty, students, administrators, staff, alumni, authorized guests, delegates, and independent contractors (the “User(s)” or “you”) who use, access, or otherwise employ, locally or remotely, the University’s IT Resources, whether individually controlled, shared, stand-alone, or networked.
Policy Statement
- Archiving1 is enabled on Gmail. Emails created beyond the archival period will be automatically deleted. Therefore, Users must not rely on the archives for any purpose, including, but not limited to, the User’s need or desire to retain, access, or preserve email, related contents, or attachments.
- Users are responsible for identifying and saving documents that must be retained to comply with federal, state, or local laws, University Policies, or other legal obligations or requirements per the Records Retention and Disposal Policy.
- When the University is legally obligated to preserve emails, the University will suspend the automatic deletion of messages by the archive system until the legal obligation no longer applies.
- Users may save copies of emails and attachments before the retention period expires by transferring them to other secure electronic media per Data Classification Guidelines.
- Email usage must comply with the Acceptable Uses of IT Infrastructure and Resources Policy.
1 Email sent or received via Fordham’s Gmail servers is retained for a period of eight years. Any messages that are over eight years old will be automatically deleted.
Related Policies and Procedures
- Acceptable Uses of IT Infrastructure and Resources Policy
- Data Classification Guidelines
- Records Retention and Disposal Policy
Implementation Information
| Review Frequency | Triennial |
|---|---|
| Responsible Person | Office of Legal Counsel |
| Approved By | Office of Legal Counsel |
| Approval Date | January 15, 2016 |
Revision History
| Version | Date | Description |
|---|---|---|
| 1.2 | 01/15/2016 | Supersedes 09/01/2014 |
| 2.0 | 10/03/2023 | Updated scope, policy statement, links, and policy disclaimer |
Policy Disclaimer Statement
Deviations from policies, procedures, or guidelines published and approved by Information Security and Assurance (ISA) will only be considered cooperatively between ISA and the requesting entity with sufficient notice to allow for conducting appropriate risk analysis, documentation, review, and notification to authorized University representatives where necessary. Failure to adhere to ISA written policies may be met with University sanctions up to and including dismissal.