Cornell University owns and operates its electronic mail (e-mail) infrastructure, which must be managed for the entire university community in a manner that preserves a level of privacy and confidentiality in accordance with relevant laws, regulations, and university policy. While the university permits limited personal use of its email infrastructure, those availing themselves of this privilege do not acquire a right of privacy in communications transmitted or stored on university information technology resources.
Email custodians must not inappropriately access or disclose the content of mail transmitted or stored on Cornell-owned or Cornell-controlled information technology resources (e.g., desktop computers, routers, servers, personal digital assistants, etc.), except in the following situations: (1) as a response to a court order or other compulsory legal process, (2) in certain other circumstances only with the permission of authorized individuals (See “Email Steward” in definitions) or the provost, (3) when the correspondent is unavailable and the information is necessary to conduct university business, or (4) in health and safety emergencies.
All units of the university, including the Weill Cornell Medical College, which will develop separate procedures and processes.
*This PDF document is the official version of this policy.