The University of California operates under several laws, rules, and policies with regard to Privacy. These rules may not be clear, so this section has been created with common questions, situations, or misconceptions to help provide guidance.
If you have any questions, please contact Isaac Straley (4-1471).
Q: An employee has separate from the University and s/he has business emails or files which are needed for business operations. Can I access those emails or files?
A: Under the ECP, you must obtain permission from the employee to access her/his emails. Units should create an authorization form as part of the separation paperwork. The ECP does not normally apply to files on the computer, however individuals still have a constitutional reasonable expectation of privacy. Separation forms should include files. If authorization was not obtained or granted, the access without consent procedures must be followed.
Q: An employee has a medical emergency and is not available. S/he has email needed for an urgent business need. Can I search her/his email for the message or can I forward his/her email to another email address?
A: Under the ECP, you may not access the email account without getting access without consent approval. You also may not forward emails temporarily to another business email address. You may post a vacation message response which includes the appropriate business email address.
Q: An employee is suspected of improper activity. Can I create a snapshot of their computer / email / network drive without telling her/him?
A: You may create a backup copy or snapshot of the data, but you cannot access it without consent. It is better to obtain consent first.