Log Data Access and Retention Policy

Category: Information Technology
Responsible Office: UBIT
Responsible Executive: Vice President and Chief Information Officer (VPCIO)
Date Established: July 14, 2010
Date Updated: August 6, 2024

This University at Buffalo Information Technology (UBIT) policy identifies the access and retention rules for log data stored on central servers and networked equipment managed by UBIT.

UBIT follows the retention guidelines found in the Guidelines for Retention of Security Log Data. Log access is restricted to UBIT staff.  Log data may be provided to non-UBIT staff for litigation holds, Freedom of Information Law (FOIL) requests, and security investigations.  Log data may also be provided to non-UBIT staff for other university administrative purposes, as approved by UBIT.

This UBIT policy applies to log data on central servers and networked equipment managed by UBIT.

Log Data

Records of individual events that have happened in a system. They are vital for systems troubleshooting and analysis. For example, web servers automatically save usage and activity information such as the date, time, IP address, HTTP status, bytes sent, and bytes received.

Vice President and Chief Information Officer

• Approves, or appoints a designee to approve, requests for access to log data.

Director, Enterprise Infrastructure Services

• Manages log data stored on central servers and networked equipment in UBIT.

Vice President and Chief Information Officer
Phone: 716-645-7979
Email: cio@buffalo.edu

Information Security Office - Privacy Contact
Phone: 716-645-6997
Email: privacy@buffalo.edu

University Documents

• Data Access Procedure
• Data Risk Classification Policy
• Guidelines for Retention of Security Log Data
• Handling Restricted Data at UB
• Protection of University Data Policy

Back to Top