Statement and Purpose

Administrative access to another individual's email, documents, or other electronic resources requires approval from a Vice President or the President. This step ensures that such access is granted only for legitimate business reasons and maintains a high standard of privacy and respect for employee rights.

Certain terms in this policy are defined at the end of the policy.

Download Policy as PDF

Entities Affected By This Policy

All University faculty and staff.

Reason for Policy

This policy is designed to balance the company's need for information access and employee privacy, maintaining a respectful and legally compliant workplace.

1 Statement and Purpose
- 1.1 Reason for Policy
2 Collaborate with Employees
3 Use of Administrative Access
- 3.1 Separation of Responsibilities
- 3.2 Resource Ownership
4 Related Policies and Procedures

Policy Version: 1.0

Responsible Office: Computer & Information Systems
Responsible Executive: AVP of Technology Services/CIO

Effective Date: July 1, 2010
Last Updated: January 16, 2024

Collaborate with Employees

Seattle Pacific University values the privacy of its constituents. Whenever feasible, Seattle Pacific University and employee supervisors must first attempt to work collaboratively with the individual or employee in question to access or preserve email, documents, or other information. This includes a Supervisor working with a departing employee to transfer any files necessary for University operations as documented in the Employment Separation Procedures. Access through an administrative override is to be considered a last resort and should only be used in rare cases.

Use of Administrative Access

Administrative access and override capabilities should only be employed in exceptional circumstances and with the utmost respect for the individual's privacy. Administrative override actions take significant CIS resources and will be prioritized accordingly. These instances must be well-justified and documented in writing, reflecting the seriousness of bypassing standard access protocols.

Separation of Responsibilities

Executive Role: The appropriate area Vice President or the SPU President must approve any administrative access, is responsible for ensuring the legitimacy of the request, and takes on the liability for the action.
Computer and Information Systems Role: Upon receiving approval, CIS is responsible for granting access to the individual's resources. This process must be carried out with utmost care to ensure data integrity and confidentiality.
No CIS Review of Content: CIS will not participate in the review or analysis of the contents obtained via use of administrative access. CIS's role is strictly limited to the technical aspects of data access. This is to maintain a strict separation of responsibilities.

Any administrative access of an individual's account not done in accordance with this policy and separation of responsibilities is grounds for immediate termination in accordance with the Privileged System Access Policy.

Resource Ownership

The Computer Acceptable Use Policy and the Computer User Accounts and Resources policy state that accounts and resources granted by the University are property of the University. Administrative access is allowed to any resource provided by SPU.

Related Policies and Procedures

Employment Separation Procedures • Computer Acceptable Use Policy • Computer User Accounts and Resources • Privileged System Access Policy

Administrative Account Access