Why Have an E-Mail Policy?
by Steve McGinn
|
In a survey conducted in 2000, it was estimated that there were more than 570 million electronic mailboxes in the world. The same study reflected that more than two-thirds of the U.S. work force used e-mail at work. In another survey of over 800 workers, 31 percent of those surveyed admitted to sending out confidential information via e-mail; 55 percent admitted to exchanging racist or sexist e-mails; and 60 percent admitted to having sent or received adult-oriented material.
The laundry list of lawsuits involving company e-mails and the multimillion-dollar settlements relating to improper e-mails leave little doubt as to whether or not e-mail policies and procedures should be a well-established practice in our public entities.
In almost all instances of dispute, the employer will be held responsible for any transmissions relative to the use of its equipment. These disputes can be reflected in numerous categories, including:
Legal Liability: e.g. misrepresenting your competitor, sexual harassment, etc.
Confidentiality Breaches: right material to wrong person.
Damage to Reputation: badly written letters.
Loss of Productivity: A recent survey showed 86 percent of employees use employer computers for personal e-mail.
As can be seen, the need for an e-mail policy is very evident. So let’s roll our sleeves up – we are on our way to creating an e-mail policy.
If we search the Internet, we can find a multitude of e-mail policies and procedures, but it is important that we develop one around our local-government culture, not necessarily one for a university system or the Centers for Disease Control.
To begin with, it is important that we convey to our employees why in fact we need a policy. They need to know that their actions have serious consequences. A good policy will indicate who the authorized users are. It will make the user aware of the privacy limitations of e-mail, and it will greatly reduce your liability exposure.
|
|
A good e-mail policy will underscore how e-mails should be constructed, and the importance of image projection based on their content. The well-defined policy will leave no misinterpretations as to personal use of computers and the specific consequences of non-compliance.
A serious consideration is to address the area of prohibited content; nothing offensive, racial, sexual, religious or political should be permitted.
Unless required by law, a good policy will suggest e-mail deletion guidelines for general e-mail and will address archiving of others. It also will discuss the handling of confidential data. Basically, the e-mail policy should address the dos and don’ts of e-mail use.
A disclaimer attached to e-mails is a good practice. The disclaimer always should be reviewed by your city attorney prior to its implementation.
There should be no expectations of privacy. If you plan to review or monitor employee e-mail, this must be clearly defined in your e-mail policy. A company should retain the option to review or not review, thus eliminating the requirement to do one or the other and possibly face a lawsuit for failure to abide.
As with all policies and procedures, your e-mail policy should be made easily accessible to all of your employees through your policies and procedures manual, and through other areas utilized for posting of general employee information, including the computer. The following is the e-mail policy used by the Florida League of Cities.
|
|
1.0 E-Mail System
1.1 Use of E-Mail:
1.1.1 Access to E-Mail: E-mail access will be granted to all Florida League of Cities employees with computer technology capable of executing the programs unless specifically denied by the department head.
1.1.2 Use of E-Mail: Use of the e-mail system is intended for League-related business. Incidental and occasional personal use of the e-mail systems is permitted by the League, but these messages will be treated the same as other messages. All employees are to use e-mail as they would any other type of official League communications tool. When any e-mail is transmitted, both the reader and sender should consider if the communication falls within ethical guidelines. No communication should contain confidential information. Communication by e-mail is encouraged when it results in the most efficient and/or effective means of communication.
1.1.3 Ownership: The system belongs to the League, and the contents of e-mail communications are accessible at all times by the League for any business-related or other purpose. These systems may be accessed at any time, with or without advance notice. Although an employee may have a personal password, the League – without an employee’s knowledge or consent – can access e-mail. Nothing on the e-mail system, therefore, should be considered confidential.
1.1.4 Prohibitions:
1.1.4.1 E-mail may not be used for soliciting or proselytizing for commercial ventures, job searches, chain letters, religious or personal causes or outside organizations or other similar, non-job-related solicitations.
1.1.4.2 Employees may not use the League’s e-mail system in any way that may be seen as insulting, disruptive or offensive by other persons, or harmful to morale. Examples of forbidden transmissions include sexually explicit messages, cartoons or jokes; unwelcome propositions or love letters; ethnic or racial slurs; or any other message that can be construed to be harassment or disparagement of others based on their sex, race, sexual orientation, age, national origin, or religious or political beliefs.
1.1.4.3 Use of e-mail to send copies of documents in violation of copyright laws.
1.1.4.4 Use of the e-mail system to compromise the integrity of the League or its business in any way.
1.1.4.5 Use of Web-based e-mail for either personal or business-related usage is strictly prohibited, as this method of sending/receiving e-mail bypasses our security perimeter and virus-scanning tiers. All e-mail must be sent and received by the client-side Outlook E-mail application.
1.1.4.6 Use of e-mail to offer for sale non-League-related items.
1.1.5 Abuse of E-Mail: Abuse of this medium by engaging in prohibited acts may result in disciplinary action, up to and including termination.
1.1.6 Retention of E-Mail: Although some periodic backup of e-mail by the League’s Technology Services Department may be done for various reasons, this backup is not designed to ensure recovery of current e-mail data. Employees must set up their own retention procedures to ensure that messages of value are saved.
1.1.7 Message Sent to Everyone: Any message sent to EVERYONE (all League staff in any location) must first be approved by a department head or the executive director. |
|
Employee Knowledge of the Policies: At least every 60 days, all employees will be asked to read these policies and indicate they agree before being granted access to League computer systems. This will be accomplished by providing a copy of the policy at time of sign-on, and an employee must indicate that he or she agrees before the system will allow further access. The agreement will be retained in a database along with a date-and-time stamp.
So there it is. If you have any questions about the development of your e-mail policy, please contact Steve McGinn via e-mail or by phone at (407) 425-9142.
Steve McGinn is director of policy holder relations for the Florida League of Cities Department of Public Risk Services.
Reprinted from Quality Cities May/June 2004
Back to Top
Back to Quality Cities Resource Library Listing
|
|
