Introduction


In order to protect the security and the privacy of the University network and the data it contains, Technology Services maintains these disposition procedures. These procedures govern all network and computing accounts at the University, including but not limited to all centralized systems of access and authentication. In case of conflict with university policy, the policy will govern.
 
There are four relevant areas of disposition activities: Network Access, Administrative System Access, Electronic Mail Access and Account Deletion.

Network Access

This provides a way to logon to the university network and campus computers as well as other systems and services, and is commonly referred to as a Network Logon account. This access will be disabled upon separation, unless Technology Services receives a request for retention by a cognizant University official.

Administrative System Access

This access provides the ability to view relevant data in Cardinal Station and other administrative systems. Students retain their access to Cardinal Station self-service; access to other administrative systems is disabled immediately on graduation or separation. University employees retain access to Cardinal Station self-service features; other roles are revoked and access to other administrative systems is disabled immediately on separation.

Electronic Mail Access

This access allows for receiving, reading, and sending electronic messages. Students retain access to their Cardinal Mail account on separation from the university as long as the account remains in active use and in compliance with all applicable Technology policies and agreements. In cases of extraordinary separation from the University, a Dean or other University official may impose removal of Cardinal Mail access. Email access will otherwise continue for faculty for 330 days following their separation date with the University, unless determined otherwise by the Provost. Email access for faculty given the status of Emeritus will be maintained. Email access for staff will be disabled upon separation, unless otherwise requested by the cognizant Vice President.

Account Deletion

This concept applies to all data created, stored, or received by a member of the University community, but especially files (including e-mail for faculty and staff) stored on University systems and services. Student accounts and data may be deleted 30 days after graduation or separation from the University, unless otherwise requested by a cognizant University official. Faculty accounts and data may be deleted one year after separation, unless otherwise requested by the Provost. Staff accounts and data may be deleted 90 days after separation, unless otherwise requested by the cognizant Vice President. See also the university policy on electronic communications by employees regarding ownership of accounts.

Preservation of Personal User Data is the User's Responsibility

It is the responsibility of the employee or student to back up any personal data stored on University systems or services prior to separation from the university.

Review

These procedures will be reviewed periodically and are subject to change at the discretion of the University.

Process for conflict resolution

If a member of the University community wishes for an exception to these procedures, the exception application must follow existing practices pertaining to the use of technology at the University. Application must be made to Technology Services' Director of User Services, who will consult with the appropriate University officials.