Privacy of Electronic Information and Information Technology Resources

Frequently Asked Questions

Read IT-07: Privacy of Electronic Information and Information Technology Resources.

In section (1), on access by technicians and administrators that requires authorization for access, what is acceptable as written authorization? Is email ok?

The type of authorization required varies slightly for the different circumstances described in sections 1a through 1g. For those situations where written authorization is required, the University Information Policy Office requires the faxed or scanned copy of a letter. It should be on IU letterhead if from an official of the university and you should retain the original copy for your records. Email is not accepted without prior approval.


In section (2), on "Notification", when the policy says that "reasonable efforts" will be made to notify the individual of access, what does that mean?

Typically, this means the person accessing the data or requesting access to the data attempts to contact the individual via email and phone, or in the case of someone no longer associated with the university, the last known mailing address.


How are preserved materials that are no longer needed to be destroyed in a secure manner?

Material on paper or other physical media should be physically destroyed by shredding. Magnetic media may be wiped and reused. The University Information Security Office has a page on securely removing data.


What should I do if I'm not sure how to apply IT-07 to a specific situation?

Please contact the Chief Information Policy officer ( it-incident@iu.edu ) or your campus Chief Information Officer for advice and consultation.


What should I do if I receive a subpoena, warrant, court order, or other legal request demanding access to information technology recourses or electronic information?

Immediately contact the Office of the Vice President and General Counsel (Bloomington and other campuses: 812-855-9739; IUPUI campus: 317-274-7460).


How do I go about requesting access to specific information technology resources or electronic information assigned to or associated with another individual?

For resources maintained by University Information Technology Services (UITS), send your request to it-incident@iu.edu.

For resources that are not maintained by UITS, direct your request to the technology director of the unit managing those resources (on the Bloomington and IUPUI campuses), or the appropriate campus CIO (on the regional campuses).


Related Policies, Laws, and Documents