From time to time it becomes necessary for an official of the College to gain access to electronic information that is normally not available to the general public. This policy describes the procedures that are to be followed when access to such information is needed.
Vassar’s Responsible Use Policy states:
Vassar College values the privacy of individual users and will respect that privacy whenever possible. By its very nature, electronically stored and transmitted information is vulnerable to interception, so users should always take precautions to protect sensitive files. While the college reserves the right to access files and transmissions on college-owned equipment, it will not normally invoke this right without the consent of the user. If access without the consent of the user is necessary, it will take place only with the approval of the appropriate senior officer, with notification to the president, except when the college is legally required or constrained to act otherwise.
Thus, while we do not create an expectation of privacy, we nevertheless have created a system of approvals that applies to electronic information that is not normally available to the public. This includes, but is not limited to electronic mail as well as all manner of computer and system logs, such as those for email, web access, door access, dining, etc. For the purposes of this policy “electronic logs” refers to all manner of computer and system logs such as those for email, web access, door access, etc.
A request for access to electronic mail or electronic logs, as described above, must be approved by a Senior Officer of the College and must be made to the Chief Information Officer in writing or via electronic mail. In the case of a Senior Officer making the initial request for electronic mail or logs, the request must be approved by the President, or another Senior Officer. The request must contain the specific information that is being requested, a copy of the approval of the Senior Officer, and a time frame by which the information is needed. Requests will be processed as quickly as possible based upon the expressed urgency of the request and the ability to retrieve the requested information. Please note that in some cases the requested information may no longer be stored on our systems or backups and may thus no longer be available for retrieval.
In the event of a request for access to electronic mail or logs that involves an imminent threat to the health or safety of an individual, urgent requests may be made directly to the Chief Information Officer (in the absence of the Chief Information Officer requests may be made to the Director of User Services) by telephone or electronic mail (the Campus Response Center has the necessary contact information). The Chief Information Officer will then immediately contact the appropriate person required to provide the requested information. The person making such an urgent request must then follow up as soon as possible by sending an email message to their Senior Officer and the Chief Information Officer describing the request and the nature of the urgency for such a request.
Revised: July 27, 2015