View Procedure


Procedure for Managing University Records of Exiting Employees

Approval Date: 2016-07-07

Effective Date: 2016-07-07

Responsible Unit: Office of the Chief Information Officer


Units must develop a process to ensure that University Records always remain in the custody and control of the University, and that access to University Records is managed when employees leave positions or transition from one Unit to another. When an employee leaves the University, changes positions within the University, or transitions from one Unit to another within the University the following questions should be answered by the exiting employee:

What University Records in paper format are under your control?

  • desktop and desk drawers
  • filing cabinets, both in the individual's workspace, shared space or any other location
  • records temporarily in the possession of a colleague or another Unit
  • commercial records storage

What University Records in electronic format are under your control?

  • local hard drive (e.g. C: drive)
  • personal drive (e.g. folder on a shared drive only accessible to the individual)
  • cloud storage (e.g. Dropbox, OneDrive, Google Drive)
  • social media sites (e.g. Twitter, Facebook) managed by the individual on behalf of the University
  • email accounts (both official University email and personal email accounts if applicable)
  • calendar accounts
  • removable media (USB drives, external hard drives, CDs, etc.)
  • devices such as laptops or mobile electronic devices, whether University or personally owned

Once the questions above have been answered and an inventory of University Records has been established, the Unit must ensure that if any University Records are currently not accessible by the University (e.g. on personal DropBox account) they are moved to an accessible location such as a shared drive.

What types of University access do you have?

  • University systems such as Banner, Memorial’s Incident Management System (MIMS), etc.
  • Cloud solutions used for the delivery of University services
  • Social media sites (e.g. Twitter, Facebook) managed by the individual on behalf of the University
  • Voicemail
  • Keys/swipe cards

The Unit Head or Designate must immediately notify Information Technology Services (709-864-4595 or at the St. John’s campus; Information Technology Services (709-639-2049 or at Grenfell campus; or Information and Communications Technologies (709-778-0489 or at the Marine Institute of the exit of an employee from the University or the transition of an employee from one Unit to another to ensure University network and system access is deactivated or changed in a timely manner.

In cases where social media sites were being managed by an exiting employee on behalf of the University, the Unit Head or Designate must ensure the individual’s account has been deactivated (if it is a named account) or the username and password has been provided to the Unit (if it is a generic University Account). In the case of a generic University account, the password must be changed.

In the case of Cloud solutions being used by an exiting employee for the delivery of University services, it is the Unit Head or Designate’s responsibility to terminate any access.

Policies using this procedure:

Procedure Amendment History

No recorded history of amendments.