Office of the Chief Information Officer


August 14, 2013


This policy applies to users of the Stony Brook University Google Apps for Education email system. Guidelines adopted by a division or department to meet specific academic or administrative needs must comply with this policy and with policies on the use of Stony Brook University information technology resources established by the Division of Information Technology.


The University is committed to using its resources efficiently and email is a cost-effective and efficient means of communication. This policy establishes email as one of the University’s official means of communication with students, faculty and staff and sets forth obligations members of the University community have regarding email use.


Email resources are, by default, provided to all students, faculty, and staff by Stony Brook University to support its education, research, public service, and health care missions. Users of University email systems are responsible for the proper use and protection of those resources. Certain VP areas may decide not to provide email accounts and use other communications methods.

Bulk Transmissions  

Bulk email transmissions risk triggering spam filters resulting in the block of Stony Brook University email by Internet service providers. Further, many users prefer not to receive bulk email unless it is personally relevant. The following conditions therefore apply to broadcast email:

  • Communications from instructors and academic departments or program chairs to current students in connection with instructional activity are permitted.

  • Any other broadcast messages (distributed to more than 100 recipients) or email messages to the entire or specific segments of the Stony Brook University community require pre-approval from the relevant Vice Presidents, or the CIO. Once approval has been granted, requests may be sent to for bulk distribution. 

Distribution Lists

Distribution lists shall be developed for a specific purpose. Users who develop personal distribution lists must ensure, prior to distribution, that each recipient is willing and entitled to receive the communication. Use of distribution lists for other than their intended purposes is not permitted.

Conditions for Use of Stony Brook University Email Accounts

  • Although every effort is made to preserve the integrity of the University email system(s), users should be aware that the interception of email messages on shared networks is possible. Highly sensitive or confidential information should not be sent via email.

  • Email must comply with relevant federal and state laws, as well as University policies, including those governing public computing resources, security considerations, and ethics in computing. See the Related Information section for key law and policy references.

  • The use of Stony Brook University email must comply with the Family Educational Rights and Privacy Act (FERPA) guidelines. It is not appropriate for the exchange of regulated Health Insurance Portability and Accountability Act (HIPAA) protected health information. Stony Brook Medicine provides an email system better suited to handle HIPAA-regulated, electronic, protected health information.

  • Items, materials, and communications associated with research subject to federal export controls regulations is strictly prohibited from being sent using email.

  • Email shall not be the sole method for notification where another method of communication is required by law.

  • The owner of an email account is responsible for its use and is presumed to be responsible for all email sent from that account. Users may not alter an email address to disguise or block the identity of the sender.

  • Email passwords and other credentials may not be shared. Email systems that rely exclusively on a User ID/password combination for security require periodic password changes to ensure that the account maintains its integrity.

  • Users may not view, copy, alter or destroy another person’s email without permission unless authorized or required to do so by law or policy.

  • Email may be automatically scanned for malicious content (viruses, spam, phishing attacks) and filtered accordingly and without warning.

Use of Email for Official Communication

For those community members who are issued a University-provided email account, it is their responsibility to make sure they are receiving and checking for official University communications sent to the account on a regular basis. Official communications are any communications that include content related to matters concerning student, faculty, and staff interaction with the University unless they are specifically regulated or prohibited by law or policy. The primary Stony Brook email address is the address to which the University sends official email notifications.

Assignment of Primary Email Addresses

The Division of Information Technology (DoIT) assigns nearly all members of the University community a primary email address. For employees who require an email account, these addresses are created within a few days of the University entering an individual’s data into its administrative systems. For students, accounts are created when a student becomes eligible to enroll in a course. Primary email addresses are formatted as electronic post office (EPO) mailboxes in the general form of The EPO format deliberately obscures the underlying mail storage system. This is by design and makes migrations and transitions more seamless. The University’s electronic campus directory found at contains primary email addresses for everyone issued a University email account, except for students who are not listed in the public directory at their request, in compliance with FERPA.

Redirecting of Email and Additional Email Addresses

Members of the community may use functionality built into existing systems (SOLAR, SB Alert) to specify additional email addresses beyond their primary University-provided email address. These are supplemental addresses and in no case do they replace the primary delivery address. In some systems, members of the community may also enable email forwarding. Forwarding permits mail addressed to the primary Stony Brook email address to be further relayed to a personal address of choice. In making these forwarding choices, community members are solely responsible for selecting the email service(s) they choose and ensuring proper account configuration and maintenance. Community members are ultimately responsible for receiving and reading official University communications in a timely manner. The University’s responsibility ends at the proper delivery to the EPO address.

Expectations Regarding Community Use of Email

Community members are expected to check their primary University email address on a frequent and consistent basis to remain informed of University communications, as certain notifications may be time sensitive. Community members who fail to check their email on a regular basis are responsible for any resulting consequences.

Educational Uses of Email

Faculty will determine how email or other means of electronic communication will be used in their classes. Faculty may expect students to read messages sent to their primary University-provided email address in a timely manner.

Inspection, Monitoring or Disclosure of Email

Stony Brook University email, wherever it may be stored or transmitted, belongs to the University, may be audited by the University at any time, and may be subject to disclosure to a third party, including review by authorized law enforcement personnel. Email accounts are subject to review and disclosure, without notice, when required by law, where a violation of law or University policy may exist, where there is a risk of spoliation, bodily harm, property loss or damage, where the University's mission is jeopardized or during the course of routine system administration.

Retention of Email Records

The retention requirement for email is determined by the content of the communication, and not the medium. The legal stewards of retained email messages are determined by the subject matter. A list of campus data stewards may be found in Stony Brook University’s Classification and Use of Information Assets policy (D101).

Termination of Email Accounts

Population Email Account Termination Policy
Students Students will have access to their email account ( for 200 days after being marked as graduated from a Stony Brook degree program or when they are no longer an active student (e.g. no longer registered for classes). Individuals who return as active students within the 200-day period will retain their existing account. If an individual returns as an active student beyond the 200-day grace period, she or he will be issued the same NetID and email account they had before. Graduates have the option to request an email account on the Stony Brook alumni domain, however, data will need to be migrated by the individual.
Faculty/Staff Who Resign Email accounts are disabled one day after the last effective work date entered in the University's administrative system (PeopleSoft).
Faculty/Staff Who Retire Email accounts are disabled one day after the last effective work date entered in the University's administrative system (PeopleSoft).

Retirees have the option of requesting an email account on Stony Brook's retiree domain, however, it will be up to the retiree to migrate their data from the old account to the new account.

Emeritus Faculty Email accounts are extended for life.
Students or Employees Terminated for Cause Email accounts are immediately disabled.

Email access for any of the above populations may be extended if subject to a legal hold. Accounts subject to legal or other holds will be retained until the holds are cleared, but not available for use unless specifically approved. 


Stony Brook University Policies

State and Federal Law


Office of the Chief Information Officer

Room 231, Educational Communications Center

(631) 632-9085

Stony Brook Medicine Information Technology Department

Office of the Chief Information Officer

L4-215 Health Sciences Center

(631) 444-2249

For More Information Contact

Office of the CIO