Account or Data Access Policy

 

When a Duke employee or student leaves the University, their account information (such as e-mail electronic files, voice mail, and other data) will not be made available to a 3rd party except in rare cases as defined in the Duke Acceptable Use Policy.

 

Some typical requests include:

 

If a Duke faculty or staff member has left the University and their department believes that there is a critical need to directly access the former employee's account(s) (email account, file space, and other data), a request from the departmental chair or director can be submitted to the University IT Security Office for consideration. Granting such a request requires the approval of the University's President, Executive Vice President, and the Office of Counsel. In general, direct access to the account is not provided, and a vacation message can be put on the person's email account until the account expires to direct people to an alternate email address or contact person.

 

If a former employee or student wishes to access their own central Duke mail, approval must be obtained from the CIO; if a former employee or student wishes to access their own departmental email account, approval must be obtained from that department's Dean.

 

In the case of a University community member who is deceased, direct access to the e-mail account or file space is not usually provided; however, a vacation message can be put on the person's email account until the account expires to direct people to an alternate contact or the deceased person's email can be forwarded to another account (until the account expires) if so requested by the departmental chair and/or director. The content of the deceased's email account or file space can be provided to the executor of their estate, by arrangement with the University IT Security Office.

 

To request the release of a deceased Duke person's personal data, we will need:
 
  1. Your full name and contact information, including a verifiable email address.
  2. A copy of the death certificate of the deceased.
  3. A copy of the document that identifies you as the Executor or Administrator of the estate or that gives you Power of Attorney over the user's data on Duke systems.
  4. If you are the parent of the individual, please send us a copy of the Birth Certificate if the Duke account owner was under the age of 18. In this case, Power of Attorney or executor/administrator documentation is not required.
 
 
This information can be sent via fax or postal mail - contact security@duke.edu for that information.
 
It can take approximately 30 days for the information to be processed.
 
 
Duke users who are actively affiliated with the univesity and need to restore their own accidentally deleted data can open a service ticket with OIT to request the restoration.