Do you have an Email policy in place for your organization? If you don’t, you’d better get one fast. Email policies are important since they spell out what the company considers as appropriate email usage and more importantly, what is considered as inappropriate usage. You can either create a separate email usage policy or you can include an email policy section in your Employee handbook. In both cases it is a good idea to ask the employees to sign the policy, indicating that they have read and understood the document.

What kind of subjects should you cover in your email policy? Here is a list of ten points to include:

#1 Email risks: The policy should list email risks to make users aware of the potential harmful effects of their actions. Advise users that sending an email is like sending a postcard: if you don’t want it posted on a bulletin board, then don’t send it.

#2 Best practices: This should include email etiquette and writing rules in order to uphold the good reputation of the company and to deliver quality customer service. For instance, include 5 etiquette rules: 1. Do not write emails in capitals, 2. Enable spell checking, 3. Read the email before you send it.4. Include a signature conform company format, 5. Use proper grammar and punctuation. Also include instructions on compressing attachments to save bandwidth.

#3 Personal usage: The policy should state whether personal emails are accepted and if so, to what extent. You can for instance set limits on the times of day that personal emails can be sent (only during breaks), or you could require personal emails to be saved in a separate folder. In addition, state that employees are prohibited from sending or receiving certain email attachments, such as exe, mp3 or vbs files. You could also include a maximum file size for attachments sent via email.

#4 Wastage of resources: Warn users that they are making use of the company’s email system and that they should not engage in non-business activities that unnecessarily tie up network traffic. The policy must also cover the use of newsletters & newsgroups. For instance you can state that employees may only subscribe to a newsletter or newsgroup if this directly relates to their job.

#5 Prohibited content: The policy should expressly state that the email system is not to be used for the creation or distribution of any offensive, or disruptive messages, including messages containing offensive comments about race, gender, age, sexual orientation, pornography, religious or political beliefs, national origin or disability. State that employees who receive any emails with this content should report the matter to their supervisor immediately. Moreover, employees should not use email to discuss competitors, potential acquisitions or mergers or to give their opinion about another firm. Unlawful messages, such as copyright infringing emails should also be prohibited.

#6 Document retention policy: Include information on whether or not email will be archived and for how long. If your organization is required to archive email messages, state that all emails will be archived and include the number of years that the records will be kept. If you are not required to archive your emails, notify your users about whether they can or should delete emails after a number of months or years.

#7 Treatment of confidential data: Include rules and guidelines on how employees should deal with your company’s confidential information and trade secrets. They should also be aware that they should not forward any confidential messages or attachments from other companies without permission. Make employees encrypt any confidential information that is sent via email and change passwords regularly.

#8 Email disclaimer: If you are adding a disclaimer to employees’ emails, you should inform them of this and state the disclaimer text that is added. Download the free white paper ‘Email Disclaimers – The legal and practical issues’ to learn more about why you need to add email disclaimers.

#9 Email monitoring: If you are going to monitor your employees’ emails, you must state this in your email policy. Warn that employees should have no expectation of privacy in anything they create, store, send or receive on the company’s computer system and that the company may, but is not obliged to monitor messages without prior notice. If you do not mention that the company is not obliged to monitor messages, an employee could potentially sue the company for failing to block a particular message.

#10 Measures & violation reporting: Warn that if an employee is found to be in breach of the email policy rules, this could result in disciplinary action, up to and including termination. If an employee witnesses email policy abuse they are required to report the incident immediately. Include contact details of who to contact if a violation of the policy rules is detected. This could be a supervisor but it might also be a good idea to appoint a specific contact person to report email policy breaches to.

© Copyright Red Earth Software ®, 2006-2009, All rights reserved

http://digitalcyberpro.com/wp-content/uploads/2016/08/Info-security-1024x1024.jpghttp://digitalcyberpro.com/wp-content/uploads/2016/08/Info-security-150x150.jpgcyberproscyberpro
Do you have an Email policy in place for your organization? If you don't, you'd better get one fast. Email policies are important since they spell out what the company considers as appropriate email usage and more importantly, what is considered as inappropriate usage. You can either create a...