The following are best practices for users managing
business related electronic data in Carnegie Mellon's computing environment. These
practices should be followed to promote efficient retention of business records
and to ensure easier compliance in the event that you receive a litigation
business related email using a Carnegie Mellon email account (e.g.,
email@example.com, firstname.lastname@example.org) or a departmental email account
(e.g., email@example.com, firstname.lastname@example.org). Personal email
accounts such as Gmail, Yahoo, or AOL should not be used for
business-related communication. Using Carnegie Mellon email accounts and
systems helps to provide an audit trail that might be useful in the event
of a litigation hold.
data using separate folders for business related and personal data.
Further separations such as filing by project or topic can help to isolate
aware of what systems are used to store your data - What email system do
you use? Do you keep local archives of email? Are your files stored
on your local machine or on a network folder?
whether or not your data is being backed up. It is typically safe to
assume that email stored on servers is backed up. Is your hard drive
backed up? Is this done by your departmental computing group? Do you
back up your files yourself? If the hard drive is backed up, do you know
what the backup retention policy is?
dual delivery when forwarding business related email to a personal email
account. Dual delivery is the process of delivering email to both your
Carnegie Mellon email account and your personal email account. Dual
delivery can be setup through Carnegie Mellon's web portal.
using a mobile device for email, be sure to "cc" your university
or departmental account on all university business correspondence.
If encryption is used for email or file storage, ensure that
a supervisor or some other Carnegie Mellon affiliate has the means to decrypt
the data. Decryption keys or passwords can be placed in a personnel file,
sealed in an envelope and stored in a safe location, etc.