Electronic Mail (email) Policy

Electronic Mail (email) Policy

Sponsor:	Information Technology Services
Contact:	Chief Information Officer and Vice President for Information Technology Services
Category:	Information Security and Technology
Number:	1000.004
Effective Date:	09/08/2006
Implementation History:	Sept. 8, 2006
Keywords:	Electronic, email
Background Information:

Purpose

Explains conditions for use of college electronic mail

Definitions

Statements

APPLICATION

This policy applies to electronic mail (email) on the college network.

POLICY

Network resources, including email accounts, are available to college faculty, and staff in furtherance of the college’s education, research, and public service missions. Access to email service may be provided to other users only on specific approval from the Vice President for Educational Technology (CIO), in accordance with SUNY policy.

1. Conditions for Use of College Email Accounts
   Email accounts provided by the college to employees are intended for college business.
   
   The college does not guarantee the confidentiality of email services. Although every effort is made to preserve the integrity of the college email system, users should be aware that the interception of email messages on shared networks is possible. Email messages should be appropriately protected, using available encryption technologies when appropriate.
   
   The owner of an email account is responsible for its use and is presumed to send all email actually sent from that account. Users may not alter an email address to disguise or block the identity of the sender.
   
   Email passwords and other credentials may not be shared. Email systems that rely exclusively on a User ID/password combination for security shall require periodic password changes to insure that the account maintains its integrity.
   
   Users may not view, copy, alter or destroy another’s email without permission unless authorized or required to do so by law or policy.
   
   Email may be scanned automatically for malicious content (viruses, spam, phishing attacks) and deleted without warning.
   
   
2. Inspection, Monitoring or Disclosure of Email
   Email records residing on college-owned machines belong to the college, may be audited by OIT at any time, and may be subject to disclosure to a third party, including review by authorized law enforcement personnel.
   
   Email accounts are subject to review and disclosure without notice when required by law, where a violation of law or college policy may exist, where there is a risk of unauthorized use, bodily harm, property loss or damage, where the college’s mission is jeopardized or during routine system administration.
   
   
3. Bulk Transmissions
   
   1. Broadcast Emails
      Broadcast messages (formatted for distribution to more than 100 individual recipients) or email messages to the entire or specific segments of the college community require pre-approval from the President, Vice Presidents, Provost or the CIO. Communications from instructors and academic center deans/directors to current students in connection with instructional activity are exempt from this provision, as are internal communications to individual area of study and center/office lists.
      
      Due to server demand and increased risk of viruses, distributed messages should be short and contain no attachments. When an authorized message refers to a longer document, that document should be referenced in an embedded link.
   2. Distribution Lists
      Distribution lists shall be developed for a specific purpose. Users who develop personal distribution lists must insure, prior to distribution, that each recipient is willing to receive the communication. Use of these lists for other than stated purposes is not permitted.
      
      
4. Retention of Email Records
   
   OIT email services are backed up daily. Email messages stored on a server within the backup cycle may be retrieved even if the user has deleted them. Local copies of email files are the user’s responsibility.
   
   
5. Closing an Email Account
   
   Employee email accounts are shut down on the date of separation from the college.
   
   Emeritus faculty may request email services, by using either the college’s forwarding service or by maintaining a full email account on the college’s email server, by request to the Office of Human Resources.

INQUIRIES/REQUESTS:
Office of the Vice President for Information Technology Services
Three Union Avenue
Saratoga Springs, NY 12866
Phone: 518-587-2100, ext. 2484

Applicable Legislation and Regulations

Related References, Policies, Procedures, Forms and Appendices

(This policy is based on SUNY Stony Brook policy 106.)