Search Information Security site

 

Guidance for Use of Personal Accounts or Redirection for University Email

Conditions of Email Forwarding

You are strongly advised NOT to redirect or auto-forward email sent to your UVA-provided email address(es) to personal, non-UVA email service(s).

If you wish to use a personal email account for your University work activities, or redirect a University account to a personal email account, you MUST agree to ALL of the following (for more guidance, please consult ITS Webpage on email forwarding):

  1. You agree to provide access to or copies of all email received or sent concerning University business to the University if requested in accordance with the Freedom of Information Act, internal investigations or audits, subpoena, search warrant or other legal actions.
  2. You agree to turn over to department supervisor/chair all emails sent or received concerning University business when your employment relationship with the University has ended.
  3. You agree to retain all email received or sent concerning University matters in accordance with the University Records retention and disposition schedules on the Records Management Office website.
  4. You agree you will not transmit highly sensitive data via email in accordance with the University Data Protection Standards or student data protected under FERPA.
  5. You agree to comply with all University IT policies.
  6. You agree to take full responsibility for the security, back-up and management of all email sent or received concerning University business or transactions held within the email account.

Hazards of Forwarding Emails

Redirecting your UVA email to a personal, non-UVA email account exposes you and UVA to the following hazards:

  • It removes any guarantee of security and privacy for sensitive University business-related information that may be contained within email text or attachments.
  • It leaves no official records in the University system. If a demand for such records is made in litigation or under the Virginia Freedom of Information Act (FOIA), you may be required to search within, or provide access to, your personal email account for University business records to be recovered.
  • It makes it impossible for UVA technical staff to assist with technology issues related to your outside email provider's services, including the recovery of emails lost due to the provider’s service failures.

 

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form