formerly Disappearing Inc...
  Home | About Us | Contact Us | Privacy Policy 

Why Control Email
The Costs
Case Studies

Policy Manager
Components
Policy Support
Easy to Use
How it Works

Download Free
Trial Product

Corporate Sales
Request Info
Contact Sales

News & Events
In the News
Announcements
Events & Shows

Service & Support
FAQs
User Guide
Technical Support

Email Policy Guidelines

Guidelines for Developing an Email Policy

Email is best managed through a combination of technology and policy. Policies can range from extremely conservative to extremely liberal in their accepted use of email, user responsibilities, and retention policies. Your email policy should be realistic and enforceable. Consider developing the policy with a cross-functional team that includes your information technology and records management professionals, legal counsel and user representatives. Once established, the policy should be communicated to all employees, updated as necessary, and redistributed on a periodic basis.

When developing your email policy, you should

  • Recognize and communicate the need to manage email messages as business records.
  • Identify and define individual users' levels of responsibility for managing email records.
  • Make system use contingent upon acceptance of and compliance with the company's email policy.
  • Identify and define the primary purpose for email use (e.g., business communications) and other acceptable or authorized uses of the email system (e.g., none, limited personal use, unlimited personal use).
  • Provide guidelines for acceptable content (e.g., business appropriate tone, language and subject) and unacceptable content (e.g., chain mail, jokes, discriminatory material).
  • Identify and define the process for managing email retention, including technologies used and each user's role (e.g., determining record value, transferring messages to a records management system, the use of Disappearing Email).
  • Establish a process for applying destruction holds to records affected by pending legal action.
  • State that all messages sent or received using company resources are the property of the company.
  • State that employees should have no expectation of privacy.
  • Disclose that messages will be accessed, reviewed and monitored by the company without notice to the employee to ensure compliance with policy.
  • Clearly identify and communicate the repercussions for non-compliance with the policy (e.g., removal of email privileges, fines, suspension, dismissal).

To supplement your email policy, you may also want to address the following

  • Computer resource, web-browser, and Internet use policy.
  • Training and educational resources available to assist users in applying the technology, policy and procedures to messages.
  • Contact information for individuals who can answer questions regarding the policy.
  • User procedural documentation (e.g., instructions for transferring record-value messages to a records management system).
  • Information systems and records management professionals procedural documentation (e.g., backup procedures, destruction hold procedures, encryption key extension procedures, retention schedule updates).

Ernst & young and Omniva Policy Systems have teamed up to provide email records management services. For more information about Ernst & Young's Records Management Program, contact Mark Vitalie, CRM, at Ernst & Young, email mark.vitalie@ey.com.