Use of Personally Owned Mobile Devices for University Business
Appendix to Policy
Office of Records and Information Management
Office of General Counsel
University employees should understand that any records they create related to University business - including text messages, voicemail messages, emails, photos, and other electronic communications - are University records. These records therefore (1) should be managed according to University records retention policies, and (2) may be subject to disclosure under the Minnesota Government Data Practices Act if someone requests them. These guidelines are intended to help you manage the business-related documents and files on smartphones, tablets, or similar devices, to appropriately keep what you should keep and to delete what is unnecessary.
The general rule is that business-related records that the University should retain must be kept on University—not personal—computer systems, and business-related records that do not require retention should be deleted as you go. This rule applies to University-related information transmitted on your smart phone or similar device, whether the device is owned by the employee or provided by the University.
Protect Your Device
Auto lock your device and require a password to unlock. No one should be able to pick up your device and access University data. The potential for disclosure of private data is too great.
See Administrative Policy: Information Security for additional information security requirements.
Documents and Other Files on Your Device
- If your device has other programs on it, such as Microsoft Office products, and are using these programs for business-related purposes, save those records to University provided storage (e.g., Box, UMN Google, or UMN network drive). Make sure they don't exist only on your device.
- Encrypt any files that contain private data.
- Delete files from your device as soon as possible.
- Do not use personal or University-provided devices to take, transmit, download, upload, print or copy photos or videos of University employees or students without their permission, unless otherwise permissible. For more information, see University Relations Filming and Photography on Campus.
- See Public Records: Guidelines for Electronic Communications appendix