- Home »
- Electronic Records Retention Policy
Electronic Records Retention
The University of North Carolina at Greensboro
- (Formerly E-mail Retention Policy)
- (Approved by the Chancellor, May 13, 1998)
- (Approved by the Chancellor, November 28, 2005)
- (Approved by the Chancellor, May 15, 2010)
In today's University environment, employees create and maintain an increasing portion of their records using computers. Electronic records must be managed alongside traditional records to ensure compliance with state and federal regulations and to preserve institutional history.
The purpose of this policy is to inform University employees and departmental management of the requirements and responsibilities for management and disposition of electronic records.
The electronic records retention policy set forth herein applies to all employees of the University and applies to all electronic records that are made or received in the transaction of University or public business.
The term "electronic record" means any record that is created, received, maintained or stored on University local workstations, central servers, or external servers. Examples include, but are not limited to:
- electronic mail (e-mail)
- instant messages
- social media content
- Web site content
- word processing documents and spreadsheets
The term "legal custodian" shall mean the originator or creator of an electronic record if that person is a University employee; otherwise it is the University employee to whom the electronic record is addressed or to whom the electronic record is sent. If the record is transferred, by agreement or policy, to another person for archival purposes, then that person becomes the legal custodian.
"Official" records retention and disposition schedules are the general and departmental program schedules that have been approved by the state and the University.
Maintenance and disposal of electronic records, as determined by the content, is the responsibility of the legal custodian and must be in accordance with guidelines established by the Department of Cultural Resources (G.S. §121-5)  and also in compliance with State and University approved records retention and disposition schedules. Failure to properly maintain electronic records may expose the University and individuals to legal risks.
The department head of an office having public records is responsible for ensuring compliance with this Policy and with the Public Records Act. When an employee leaves a department or the University, the department head is responsible for designating a new custodian and ensuring that any public records in the separating employee's possession are properly transferred to the new custodian. The department head is responsible for contacting Information Technology Services to arrange for the transfer of the electronic records to the new custodian before the accounts are scheduled to be deleted.
Work-related electronic messages are University records, and must be treated as such. Each electronic message user must take responsibility for sorting out personal messages from work-related messages and retaining University records as directed in official records retention and disposition schedules. Electronic messages that do not meet the definition of a public record, e.g., personal electronic messages, or junk electronic messages, should be deleted immediately from the system.
In addition to any copies maintained as University records, all faculty and staff email is routed through an email archiving service prior to delivery to the user's inbox. All outgoing email also passes through this archiving service prior to being routed to the Internet. The archiving service makes a copy of every email that is sent to and from the user's email account and stores it in the archive. The archive will retain all faculty and staff non-spam email for a minimum of five years. Users have read access to the email in their account and may restore deleted messages from the archive. Deleting email from a user's inbox does not delete the email from the archive.
Electronic message servers are NOT intended for long-term record retention. Electronic messages and any associated attachment(s) with retention periods greater than three (3) years are to be printed and filed in similar fashion to paper records according to official records retention and disposition schedules. It is important to note that the electronic message should be kept with the attachment(s). The printed copy of the electronic message must contain the following header information:
- who sent message
- who message was sent to
- date and time message was sent
When e-mail is used as a transport mechanism for other record types, it is possible, based on the content, for the retention and disposition periods of the e-mail and the transported record(s) to differ. In this case, the longest retention period shall apply.
Social Media Applications
Electronic content developed by users of social computing tools are public records under G.S. §132. These tools must be used in a way that is in compliance with the Public Records Law, ensures transparency, and maintains security of University networks. Users of social media accounts are responsible for appropriately using social computing tools and maintaining the content generated by such tools.
ITS Backup Files
Information Technology Services performs backups on a regular schedule of the electronic files stored on central servers for disaster recovery. These backups are to be used for system restoration purposes only. The IT system administrator is not the legal custodian of messages or records which may be included in such backups.
When litigation against the University or its employees is filed or threatened, the law imposes a duty upon the University to preserve all documents and records that pertain to the issues. As soon as University Counsel is made aware of pending or threatened litigation, a litigation hold directive will be issued to the legal custodians. The litigation hold directive overrides any records retention schedule that may have otherwise called for the transfer, disposal or destruction of the relevant documents, until the hold has been cleared by University Counsel. E-mail and computer accounts of separated employees that have been placed on a litigation hold by University Counsel will be maintained by Information Technology Services until the hold is released. No employee who has been notified by University Counsel of a litigation hold may alter or delete an electronic record that falls within the scope of that hold. Violation of the hold may subject the individual to disciplinary action, up to and including dismissal, as well as personal liability for civil and/or criminal sanctions by the courts or law enforcement agencies.
Failure to comply with the Electronic Records Retention Policy and associated schedules and procedures can result in disciplinary action and penalties applicable by law.
The Chancellor has approved the Electronic Records Retention Policy. The policy will be reviewed periodically by University Counsel and ITS.
Comments or questions? Email the Policy Administrator.