The policy on electronic communications (email) has been revised. Starting March 13th, faculty and staff may only forward email to official university providers and not unofficial third-party providers, like Google, Yahoo, and AOL. UConn revised this policy to ensure compliance with relevant laws, regulations and policies, including those concerning the retention and protection of emails and attendant data.
Official providers must meet the following standards:
Technical: The service must have
- A fulltime university employee who has authority for the service and is accountable for compliance with this standard.
- An auto response mechanisms. If an individual leaves the university, an auto response will inform the sender that the recipient is unavailable.
- Secure protocols for authentication and data transfer, such as IMAPS, SPOP3, or HTTPS
Procedural: The service must be able to
- Keep 30 day's worth of deleted data from mailboxes.
- Have spam and virus scanning on all incoming mail.
- Remove access from terminated employees so they lose access to University data immediately.
- Remove mailboxes for employees who have left the University unless they are granted the right to keep a mailbox with the University through Emeriti status.
- Export mailbox data to meet Freedom of Information Act (FOIA) requests.
- Have a litigation hold setting, which preserves all data, even if deleted by the user.
- Search mailbox data, including ability to search by keyword and date range.