Key provisions of the employee privacy policy affecting retrieval of lost encryption keys

Reference: http://www.policies.vt.edu/7035.pdf

Privacy Policy for Employees' Electronic Communications

3. Procedures

Authorization for non-law-enforcement university personnel to monitor
or access electronic communications or files of employees will not be
granted casually. Such authorization will require justification based
on reasonable business needs or reasonably substantiated allegations
of violation of law or policy on the part of the employee. In carrying
out retrieval of files or information, due respect should be accorded
to confidential or personal information and legally protected files.

3.1 Investigations of Violations of Law or Policy

Authorization in such cases may be granted by the relevant dean or
senior manager (including vice presidents/vice provosts), or higher
level authority if needed.

3.2 Business Needs

...the employee is unavailable, authorization to access that employee’s
electronic communications should be provided by the department head or
director, or next higher authority...
  • No labels