The purpose of this protocol is to determine circumstances under which emergency access to any

University member’s digital accounts is granted.

Scope

This is an administrative policy, affecting all members of the University.

Referenced Laws, Regulations, and/or Policies 

This is the University protocol.

Protocol

The University offers electronic services to all members of the University community through Parami-affiliated emails and services. While the University strictly adheres to data privacy in accordance with the Data Privacy as well as the Identity Protection and Data Management policies and procedures, there may be legitimate reasons that require access to information that is stored on the University servers and other digital storage devices. These may arise from a legal action (eg. a court order), the health and safety of the University community, or under urgent University operational needs.

It is the responsibility of the University to make sure that it seeks the permission from a person or a group of individuals in question to give permission to access their digital accounts. However, if an individual or the group of individuals cannot provide permission to access them, and if the urgent reasons as stipulated above supersede the right to data privacy due to extenuating circumstances, the University may provide information of the individual or the group of individuals without their permission, as long as the Office of Information and Technology has been authorized by the University Management or the Board of Trustees to release the information.

Seeking Request

Any administrative or academic staff must first discuss with their immediate supervisor on why he or she needs information from another member of the University and why seeking permission is not possible. Such a request to seek information from another individual will be taken seriously by the immediate supervisor. Once the supervisor has reviewed the case and satisfactorily determined that seeking permission is not possible, the supervisor will move forward with the request from the Office of Information and Technology.

Examples of an individual’s inability to provide consent or permission include, but not limited to the following circumstances: an individual has extended administrative or academic leave with no response on requests; an individual leaves the University unexpected and cannot be contacted; an individual is terminated for cause of sanction, and an individual is in a medical condition in which seeking permission is impossible.

The request must always be authorized by an individual at the level of Director or Dean to even begin processing the request to the Office of Information and Technology. The authorizing Dean or Director must inform the Office of Information and Technology that an identified academic or administrative staff will begin to seek the request. If the request comes from a court order, the court order will be first taken to the Board of Trustees. Only the Board of Trustees can authorize the Office of Information and

Technology to begin the process of releasing the information.

Review

The Office of Information and Technology is responsible for ensuring compliance with this protocol in various offices of the University.

Date