10 points to include in your email policy

Posted by Deborah on August 20, 2006 in Email policy, Email compliance

Email policies are important since they spell out what the company considers as appropriate email usage and more importantly, what is considered as inappropriate usage. You can either create a separate email usage policy or you can include an email policy section in your Employee handbook. In both cases it is a good idea to ask the employees to sign the policy, indicating that they have read and understood the document.

What kind of subjects should you cover in your email policy? Here is a list of then points to include:

#1 Email risks: The policy should list email risks to make users aware of the potential harmful effects of their actions. Advise users that sending an email is like sending a postcard: if you don”t want it posted on a bulletin board, then don”t send it.

#2 Best practices: This should include email etiquette and writing rules in order to uphold the good reputation of the company and to deliver quality customer service. For instance, include 5 etiquette rules: 1. Use proper grammar and punctuation, 2. Enable spell checking, 3. Read the email before you send it. 4. Include a signature conform company format, 5. Do not write emails in capitals. Also include instructions on compressing attachments to save bandwidth.

#3 Personal usage: The policy should state whether personal emails are accepted and if so, to what extent. You can for instance set limits on the times of day that personal emails can be sent (only during breaks), or you could require personal emails to be saved in a separate folder. In addition, state that employees are prohibited from sending or receiving certain email attachments, such as exe, mp3 or vbs files. You could also include a maximum file size for attachments sent via email.

#4 Wastage of resources: Warn users that they are making use of the company’s email system and that they should not engage in non-business activities that unnecessarily tie up network traffic. The policy must also cover the use of newsletters & newsgroups. For instance you can state that employees may only subscribe to a newsletter or newsgroup if this directly relates to their job.

#5 Prohibited content: The policy should expressly state that the email system is not to be used for the creation or distribution of any offensive, or disruptive messages, including messages containing offensive comments about race, gender, age, sexual orientation, pornography, religious or political beliefs, national origin or disability. State that employees who receive any emails with this content should report the matter to their supervisor immediately. Moreover, employees should not use email to discuss competitors, potential acquisitions or mergers or to give their opinion about another firm. Unlawful messages, such as copyright infringing emails should also be prohibited.

#6 Document retention policy: Include information on whether or not email will be archived and for how long. If your organization is required to archive email messages, state that all emails will be archived and include the number of years that the records will be kept. If you are not required to archive your emails, notify your users about whether they can or should delete emails after a number of months or years.

#7 Treatment of confidential data: Include rules and guidelines on how employees should deal with your company’s confidential information and trade secrets. They should also be aware that they should not forward any confidential messages or attachments from other companies without permission. Make employees encrypt any confidential information that is sent via email and change passwords regularly.

#8 Email disclaimer: If you are adding a disclaimer to employees” emails, you should inform them of this and state the disclaimer text that is added.

#9 Email monitoring: If you are going to monitor your employees” emails, you must state this in your email policy. Warn that employees should have no expectation of privacy in anything they create, store, send or receive on the company’s computer system and that the company may, but is not obliged to monitor messages without prior notice. If you do not mention that the company is not obliged to monitor messages, an employee could potentially sue the company for failing to block a particular message.

#10 Measures & violation reporting: Warn that if an employee is found to be in breach of the email policy rules, this could result in disciplinary action, up to and including termination. If an employee witnesses email policy abuse they are required to report the incident immediately. Include contact details of who to contact if a violation of the policy rules is detected. This could be a supervisor but it might also be a good idea to appoint a specific contact person to report email policy breaches to.

Comment

Log in or Register to post a comment.

More

Read more posts by Deborah

About the Author

Deborah Galea is co-founder and COO of Red Earth Software based in Silicon Valley, California. After completing her Masters degree in European Studies (with a major in Communications) at the University of Amsterdam in 1994, Deborah completed a traineeship at the European Commission. She decided to follow her public relations passion and went on to hold PR & communications positions at the Sdu Informatie Bank (Dutch state publishers) and Hill and Knowlton (pr agency). After founding and successfully running a UK software distributorship for five years, where she was responsible for PR, marketing and daily operations, Deborah decided to co-found Red Earth Software in 2001 and apply herself to creating useful ‘down to earth’ software that solves real business problems. View Deborah’s Linked in profile at: http://www.linkedin.com/pub/4/890/394.

The top 10 spam characteristics (#6-10)