Employees’ Electronic Communications
University Policy Number 1315
Responsible Office: Vice President of Information Technology/CIO
Policy Procedure: N/A
Related Law & Policy:
Virginia Freedom of Information Act, Virginia Code § 2.2-3700 et. seq. ;
Library of Virginia Retention Schedules adopted pursuant to Virginia Code §42.1-85;
Virginia Department of Human Resource Management Policy 1.75;
University Policy 1102: Records Management;
University Policy 1117: Responding to Virginia Freedom of Information Requests;
University Policy 1301: Responsible Use of Computing
This policy applies to:
1. all Employees; and
2. the following persons who send or receive Electronic Communications and use University Equipment/Resources:
a. former Employees whose communications and computing resources have not yet been terminated, deleted, or transferred;
c. consultants, contractors, and employees of contractors;
d. all individuals whose use of University Equipment/Resources continues between periods of employment;
e. volunteers; and
f. all other individuals who are carrying out University Business.
This policy applies to Electronic Communications and University Equipment/Resources at all University locations.
II. Policy Statement
A. All Employees must use the University E-mail System for all University Business transacted by electronic mail.
B. All Employees must comply with all Commonwealth of Virginia regulations and policies. This policy supplements the Commonwealth of Virginia’s Human Resource Policy 1.75 (“DHRM policy”), which provides: “No user shall have any expectation of privacy in any message, file, image or data created, sent, retrieved, received, or posted in the use of the Commonwealth’s equipment and/or access.” Nothing in this University Policy shall be construed to limit DHRM policy in any way. This Policy shall not be deemed to create additional or new legal rights, or the expectation of privacy for any Employee.
C. All Employees must comply with all record retention requirements in Policy 1102: Records Management, and shall not destroy records in violation of that policy.
D. The University does not routinely monitor or access the content of Electronic Communications, but may do so under the following circumstances:
- when authorized by the Senior Vice President or Provost;
- when required to release communications or files by law, by order of a court, or in accordance with the Virginia Freedom of Information Act;
- Internal Audit investigations;
- if accessed by Office of University Counsel;
- emergency situations involving an imminent threat of irreparable harm to persons or property;
- death or incapacity of an employee;
- if resources are assigned to a group or publicly available to any user;
- in accordance with departmental policy, if routine monitoring is an essential part of the work environment;
- if accessed by technical staff in their course of business; or
- if accessed by the supervisor of a former Employee or retiree who is no longer employed by the University.
E. In general, University technical staff will not disclose the content of Electronic Communications. If technical staff observe potentially illegal content in Electronic Communications or files while working to resolve technical problems or violations of University policy, they are required to report it to appropriate authorities.
Employees means persons employed by George Mason University, including student employees.
Electronic Communications means communications sent by electronic means, including telephone communications, voice mail, e-mail, and computer files traversing the University network or stored on University equipment or on equipment vendors provide under contract.
University Business means all work performed by Employees within the scope of their employment.
University E-Mail System means any e-mail (electronic mail) system provided by the University to Employees for communication of University Business.
University Equipment/Resources means equipment and resources, such as computers, phones, e-mail and internet, provided to Employees or others to conduct University Business.
Authorization for non-law-enforcement university personnel to monitor or access Electronic Communications must be based on reasonable business needs, the Virginia Freedom of Information Act, or reasonably substantiated allegations of violation of law or policy on the part of the Employee.
A. Access for Ordinary Business Purposes and the Virginia Freedom of Information Act
Before the University accesses Electronic Communications for ordinary business purposes or for a Virginia Freedom of Information Act request, the Employee should ordinarily be informed and asked to help in obtaining the electronic communications. If the Employee is unavailable or refuses to assist, the Employee will be sent notice of the access and the nature of the Electronic Communications accessed.
B. Access for Investigations of Violations of Law or Policy
In the event of allegations of violations of policy or law by an Employee, a request by non-law-enforcement university personnel to access Electronic Communications must include the rationale for the request, a description of the information or files to be accessed, and the proposed handling and disposition of the files. Requests for and approval of access for this reason will remain confidential, and the Employee will not be notified of such access. Authorization must be based on reasonable grounds.
C. Routine monitoring and/or access in support of essential departmental operations
If routine monitoring or examination of Electronic Communications is an essential part of the work environment, then the department must develop and maintain a clearly written operating policy that is regularly disseminated to the affected Employees. Affected Employees must be given an opportunity to comment during the development or major revision of such a policy. Prior written approval of such departmental policies is required from the relevant dean or senior manager.
D. Access by supervisory staff
If a supervisor of a former Employee or retiree requires access to the former Employee’s email for business continuity reasons, the supervisor will request access from Human Resources & Payroll. Access will be granted only after Human Resources verifies that the former Employee is no longer employed by the University, and that the request is made by such former Employee’s supervisor.
A. Effective Date:
This policy will become effective upon the date of approval by the Senior Vice President and Provost.
B. Date of Most Recent Review:
VI. Timetable for Review
This policy, and any related procedures, shall be reviewed annually.
Senior Vice President for Administration and Finance
Date Approved: April 25, 2014
Revision Approved: March 21, 2017
Revised: May 18, 2017