Email disposal and retention guidelines
These are step-by-step guidelines with the purpose to facilitate managing your email as a Mid Sweden University employee.
Background
Most rules were applicable already before the new regulation; such as what public records are, if the records should be archived or discarded, how to handle records that are not public etc. What changed in May 2018 is that the General Data Protection Regulation (GDPR), unlike the previous law (“personuppgiftslagen”in Swedish), includes rules for email management. Simply put, this means all emails sent to or from name@miun.se contains personal data such as sender/receiver, and often names. In addition to following the laws and regulations concerning public records, state employees need to work in accordance with the rules regarding processing of personal data.
Email management
In order to figure out for how long you are allowed to keep an email, you must first decide whether the email constitutes public records or not. Start with the question “Is the email sent internally (within the organization) or externally?”
- Internally = emails sent within Mid Sweden University, both receiver and sender,
- Externally = emails with receiver and/or sender outside of the organization
From here on you follow the instructions under the applicable headline below. Under Examples, you can read a brief description of how a few different types of records should be managed.