Norwegian version of this page

Help! I must clean up my e-mail.

9 cleanup tips

Clean up your email and delete as much as possible

Everyone at UiO must keep their email tidy and delete as much as possible. There are several reasons for this:

  • Unnecessary data storage leads to unnecessary increased carbon footprint
  • Unnecessary data storage leads to unnecessary costs
  • Unnecessary data storage may violate GDPR (General Data Protection Regulation) which states that no personal information should be stored longer than necessary, and this also applies to information in emails.

Important information should usually be stored elsewhere than in email to be useful, and information that is not important should be deleted.

Tip: Think that everything should be deleted, and pick out the few things you actually need to keep.

 

Cleanup tips

1. Find out how much email you have. Check again later to see how much you have deleted.

Start by finding out how much email you have. The easiest way to do this is from webmail. → See the guide on how to check the size of your e-mail account. Make a note of the email account size so that you can see how much you have deleted at the end of the deletion session.

2. Delete folders with emails about completed activities.

If you have been smart and sorted your emails into folders, it's easy to find the folders for activities that have been completed. If any of the emails there are still important, save them with the final report for the activity or anything else that should be available regarding the activity in the future. Empty the trash in the email program as you delete.

For the future, remember that it is a good idea to create such folders for your activities, making it easier to delete unnecessary emails in the future as well. Remember that information worthy of archiving must be archived in UiO's archive system, and the record-keeping and archiving obligation must be assessed before information is deleted.

3. Delete emails from mailing lists.

Do you receive emails from mailing lists? Mailing lists usually have a fixed text at the beginning of the subject line. Use this text to search for emails from the lists and delete those older than, for example, 6 months, or everything you won’t need. If there's a lot to delete, it's best to use webmail to avoid your email program on your computer freezing. You should set up filtering for emails from lists so that they are sorted into their own folders, making it easy to delete them later. → See the guide to set up filtering.

Also, make sure to unsubscribe from mailing lists you are not interested in.

4. Identify what you want to keep.

Are there emails you know you must keep? Search for them by sender or words in the subject line. Sort such emails into folders so you have order and can easily delete them when they are no longer needed.

Information that is important for others as well should be copied and placed in the correct location, such as a shared area where the associated activity is stored or similar. Archive-worthy information should be archived in ePhorte and should not remain in your email. Talk to your manager about archiving in UiO's archive. Other information that should be available to others should also be stored correctly. → See UiO's classification guide to learn about the different data classes. If you copy information from your email to other locations, remember to delete it from your e-mail after copying.

5. Move out confidential information / red data.

Do you handle confidential information / red data? Then you must delete this from your email because soon it will no longer be allowed to have such information in emails. Discuss with your immediate supervisor how you and your team should handle red data going forward when it will no longer be permitted in emails. Also, discuss what you can search for in your email to find confidential data. Should red data you receive be submitted via a web form instead? Should it be placed in a folder in a restricted access area in Vortex or in a shared area? Move and delete. Create folders for any new emails with red data so that you can easily delete or move the information in the future.

Do I have red data?  

You must assess this yourself. Use your knowledge of you data and the UiO data classification guide.

Those who most often have confidential information (red data) in their e-mail are managers, HR employees, others who work with personnel matters, study consultants, safety representatives, shop stewards, members of appointment boards and the like. But academic staff who work on projects that handle personal data or who have contact with students can also have e-mails with confidential information. Feel free to use UiO's classification guide and the information below in the section "What is e-mail with red data?" if you are unsure what red data is. Please also discuss this with your immediate manager

See UiO's classification guide to learn about the different data classes.

What is e-mail with red data?  

UiO is introducing new guidelines for the storage of confidential information (red data), and it will no longer be permitted to send or store e-mails with such information. If you need to keep confidential information you have in your e-mail today, you must save it correctly or archive it in ePhorte. If you have questions about what should be archicved in ePhorte, please consult your supervisor or local archive staff.

See UiO's storage guide to learn where different types of data can be stored.

What is confidential information (red data)? 

See UiO's classification guide to learn about the different data classes.

Confidential information (red data) is data/information that will cause damage to public interests, the university, individuals or partners if the information becomes known to unauthorized parties.

Confidential information (red data) is information to which the University of Oslo is required to limit access by law, regulations, agreements, regulations and other regulations, or which for other reasons is considered particularly worthy of protection/sensitive. This corresponds to the degree Confidential in the public Protection Directive.

Examples of what confidential information (red data) can be 

  • particular categories of personal data (formerly called "sensitive personal data")

This includes: 
  • information about racial or ethnic origin
  • information about political opinion
  • information about religion
  • information about philosophical beliefs
  • genetic information
  • biometric information (when the processing purpose is to uniquely identify someone)
  • health information
  • information about sexual relationships
  • information about sexual orientation
  • data subject to export control (Export control - regjeringen.no)
  • personnel files
  • some information about e.g. securing buildings and IT systems

Examples: e-mail can be classified as "red data," if it contains:

Note: This is not an exhaustive list, just examples.

social security number, bank details, driving license or passport information

  • health information, such as medical records, diagnoses, treatment history, referrals to specialist health services, health insurance information, sick notes.
  • sensitive work-related documents, such as confidential business strategies, contract details, internal discussions about finances or the like
  • research data with red data
  • sensitive personnel matters or other sensitive HR-related information (including P matters)
  • information related to the institution's IT infrastructure, such as sensitive information about login details, passwords, access codes, API keys, system architecture, security updates, etc.
  • preliminary research results before publication
  • information about critical infrastructure or detailed information about security measures that may compromise the security of buildings or facilities
  • internal memos or communications related to personnel discipline, dismissals or personnel investigations
  • feedback or evaluations of employees that are intended to be confidential between management and HR
  • details of emergency preparedness and crisis management plans not to be made public in order to preserve effectiveness
  • information about people who have address blocking code 7 or who need other special protection

The examples are not intended to be exhaustive. The central point is that red data is information UiO is required to restrict access to, or information that may cause damage to public interests, the university, individuals or partners if the information becomes known to unauthorized parties.

Why do I have to remove red data from my e-mail? 

There are several reasons why you need to remove confidential information (red data) from your email.

UiO considers that there is a risk, albeit small, that unwanted incidents may occur with confidential information (red data) in e-mail. UiO therefore considers that it is no longer permitted to use red data in e-mail. This means that each and every user of e-mail at UiO must remove information that contains confidential information (red data) from their e-mail.

The principles of data minimization and storage limitation mean that it is not permitted to store personal data longer than is necessary for the purpose for which it was collected. This means that when the purpose has been achieved, the information must be deleted. This implies the obvious, that information must be deleted at some point. The fact that information is "nice to have" is not sufficient for storage.

Information containing red data must be deleted from the e-mail, so if it is necessary to keep it further it must be transferred to another approved storage. 

If you have questions about what should be archicved in ePhorte, please consult your supervisor or local archive staff.

See UiO's storage guide to learn where different types of data can be stored.

How to find email with red data? 

There is no conclusive way to find emails that contain red data. However, here are a few tips on how to go about finding emails that may contain red data. You must search both in your inbox, sent e-mail and other folders

  1. Sort by sender

Find out who you are most likely to have exchanged emails containing red data with. Look up the relevant senders and recipients, go through the e-mail correspondence, look for red data, and delete as you go, or create folders in which you put these e-mails to delete later. 

  1. Find email with attachments 

It is more likely that you have sent or received red data by e-mail in attachments. Sort your inbox by e-mails with attachments, go through e-mail correspondence, look for red data, and delete as you go, or create folders in which you put these e-mails to delete later. 

  1. Search for specific keywords 

S?k etter n?kkelord som er spesifikke for r?de data du kan ha sendt eller e-post. Gjennomg? resultatene manuelt for ? sikre at de faktisk inneholde r?de data f?r du sletter dem. 

It is more likely that you have e-mails with red data in your inbox if you are a manager or work with HR and personnel-related matters.

Suggested keywords to search for 
  • Salary negotiation
    • 1.3.5.
    • 2.5.1
    • 2.5.3
    • 2.5.5
  • Notice of illness
  • Date of birth
  • Social security number
  • Work environment
  • Personnel matters
  • sick child
  • Sick
  • Leave
    • Welfare leave
    • Maternity leave

How do I remove red data from my e-mail? 

  • Move emails to be deleted to a separate folder and delete the folder.

  • Move e-mails with red data to be kept further to a separate folder. Move the information to suitable storage and delete the folder with the e-mails in the e-mail application.  

  • Empty the trash in the e-mail application (right-click on Deleted items and select Empty folder)

If you have questions about what should be archicved in ePhorte, please consult your supervisor or local archive staff.

See UiO's storage guide to learn where different types of data can be stored.

Keep your motivation up during the clean-up by observing that tha amount of e-mail you have, shrinks steadily. →See the guide on how to check the size of your e-mail account.

What should I do if I have email with red data that I need to be keep?

Archive-worthy information 

Remember that information in e-mail may be subject to legal or accounting retention requirements. You must file such information in the UiO records management and archive system immediately after receipt. If you still have archive-worthy information in your e-mail that has not been archived, you delete it after you have archived it. Make sure you don't delete emails that you are obligated to keep.  

E-mail that is subject to legal or accounting retention requirements must be archived in the UiO records management and archive system ePhorte according to current archiving routines. If you have questions about what should be archicved in ePhorte, please consult your supervisor or local archive staff.

Records management and archives - For employees - Universitetet i Oslo (uio.no) 

Other confidential information (red data) you need to keep 

If you find e-mails with confidential information (red data) that need to be kept further, but are not archive-worthy of, you will find the correct storage location in the UiO Storage Guide.  →See UiO's storage guide to learn where different types of data can be stored.

6. Delete emails you have alteady sent.

Go to Sent Items, and delete e-mail you no longer need. Start with the oldest e-mails, and work your way through them. If there is a lot to delete, it’s a good idea to use webmail to avoid your email program on your computer from freezing..

7. Take a deep breath, and start with the inbox or other folders that still have a lot of emails.

Scroll through the inbox or the folder. Start with the oldest emails first. Look over all the messages displayed on the screen. Move any messages you need to keep to their own folders (see above), and when you only see emails you can delete, select them and press the Delete key. Then select the top email, scroll down until you see that the one that was at the top is now at the bottom of the window, and start again by moving out any emails you need to keep. Remember that the information in your email is only useful and accessible to you. Continuously assess whether emails you want to keep should perhaps be moved to a shared area or similar where the information can also be useful to others. If there is a lot to delete, it’s a good idea to use webmail to avoid your email program on your computer from freezing.

8. Consider whether you want automatic deletion of emails based on their age.

You can set up individual folders in your email so that old emails are deleted automatically. For example, you can set it so that all messages in a folder older than one year are deleted automatically. You can use automatic deletion for several folders, such as alerts or mailing lists with information that quickly becomes irrelevant. Remember that information worthy of archiving must be archived in UiO's archive system, and the record-keeping and archiving obligation must be assessed before information is deleted.

Settings for automatic deletion are called retention policies.

→ See the guide for setting up automatic deletion in folders

9. Check to see how much you have deleted.

→See the guide on how to check the size of your e-mail account. Compare to the amount of email you had when yuo started.