E-Mail Usage and Management Policy
Effective September 13, 2004
Introduction and Statement of Purpose
Electronic mail (e-mail) refers to the electronic transfer of information typically in the form of electronic messages, memoranda, and attached documents from a sending party to one or more receiving parties via an intermediate telecommunications system. E-mail is a core tool utilized by State agencies to improve the way they conduct business by providing a quick and cost-effective means to create, transmit, and respond to messages and documents electronically. Well-designed and properly managed e-mail systems expedite business communications, reduce paperwork, and automate routine office tasks thereby increasing productivity and reducing costs. These opportunities are, however, at risk if e-mail systems are not used and managed effectively.
The purpose of this policy is to promote the use of e-mail as an efficient communication and data gathering tool, to ensure that State agencies have the information necessary to use e-mail to their best advantage in supporting agency business, to avoid non-work-related distractions of employees, to avoid subjecting the State’s e-mail system to computer viruses, and to otherwise avoid interfering with or damaging the effective functioning of the State’s e-mail system. By establishing and maintaining compliance with a policy for appropriate use and management of e-mail, risks and costs to agencies can be mitigated while maximizing the potential of this communication tool.
This policy applies to all State employees, as well as contract staff, who use the State’s electronic mail.
It is the policy of Maine State Government that e-mail is used for internal and external communications that serve legitimate state government functions and purposes. Any personal use must be of an incidental nature and not interfere with business activities. Personal use must not involve solicitation, must not be associated with any outside business activity or personal gain, must not be libelous or defamatory, must not violate the State of Maine Policy on Employee Harassment, must not potentially embarrass the State of Maine, its residents, its taxpayers, or its employees or be used for any unlawful purpose. Copyright restrictions and regulations shall be observed. The information communicated over agency e-mail systems is subject to the same laws, regulations, policies, and other requirements as information communicated in other written forms and formats and is not to be utilized for political purposes.
Each State agency is responsible for enforcing this policy and establishing management practices consistent with this policy that, among other goals:
- support agency business;
- reduce legal and other potential risks;
- define managerial authority over e-mail communications;
- describe the appropriate use of e-mail communications;
- train employees in e-mail use and policies; and
- provide for necessary records retention, accessibility, and protection.
Agencies with special requirements for information confidentiality (for example, confidential client records) may be required to establish additional safeguards to protect this data.
Access to E-mail Services
E-Mail services are provided to all appropriate staff and contractors within departments. To request access, contact the Bureau of Information Services or appropriate agency personnel. 0 -0
Privacy and Access
- Mail messages are not personal and private. Managers, supervisors, and technical staff may access an employee’s e-mail in accordance with the department security policy for reasonable business purposes, including but not limited to:
- for a legitimate business purpose (e.g., the need to access information when an employee is absent);
- to diagnose and resolve technical problems involving system hardware, software, or communications; and/or
- to investigate possible misuse of e-mail when a reasonable suspicion of abuse exists or in conjunction with an approved investigation.
- An employee, with the exceptions noted above, is prohibited from accessing another user's e-mail without his or her permission.
- All e-mail messages including personal communications may be subject to discovery proceedings in legal actions.
- All e-mail messages sent or received and which are not otherwise protected by law, are public documents and may be released to the public under the Freedom of Access Law.
E-mail security is a joint responsibility of technical staff and e-mail users. Users must take all reasonable precautions, including safeguarding and changing passwords, to prevent the use of their e-mail account by unauthorized individuals.
Management and Retention of E-mail Communications
A . Applicable to all e-mail messages and attachments
Since e-mail is a communications system, messages should not be retained for extended periods of time.
- remove or archive all e-mail communications in a timely fashion.
- delete records of transitory or little value that are not normally retained in record keeping systems as evidence of an agency’s activity.
B. Applicable to records communicated via e-mail
E-mail created in the normal course of official business and retained as evidence of official policies, actions, decisions or transactions are records and are subject to the records management requirements documented by the Maine State Archives. (A copy of the Maine State Archives’ guide to e-mail retention is attached.) Records communicated using e-mail need to be identified, managed, protected, and retained as long as they are needed to meet operational, legal, audit, research or other requirements.
For agency specific questions surrounding record retention requirements contact Records Management at the Maine State Archives for assistance.
Examples of messages sent by e-mail that typically are records include:
- policies and directives
- correspondence or memoranda related to official business
- work schedules and assignments
- agendas and minutes of meetings
- drafts of documents that are circulated for comment or approval
- any document that initiates, authorizes, or completes a business transaction
- final reports or recommendations
Some examples of messages that typically do not constitute records are:
- personal messages and announcements
- copies or extracts of documents distributed for convenience or reference
- phone message notes
Roles and Responsibilities
- Executive management will ensure that the policy is implemented by program unit management and unit supervisors.
- Unit managers and supervisors will develop and/or publicize record keeping practices in their area of responsibility including the routing, formatting, and filing of records communicated via e-mail. They will train staff in appropriate use, including appropriate personal use of e-mail that does not result in performance issues, and be responsible for ensuring the security of physical devices and passwords.
- Network administrators and internal control (and/or internal audit) staff are responsible for e-mail security, backup, and disaster recovery.
- Users are responsible for adherence to this policy.
All e-mail users will understand and comply with this policy, including but not limited to:
- understand that personal use must be of an incidental nature only
- comply with agency and unit policies, procedures, and standards
- protect confidentiality
- be aware that sending e-mail of a political nature (supporting candidates, soliciting contributions, etc.) is against the law and subject to criminal penalties (5 U.S.C. §1501 et seq., and 5 M.R.S.A. §7056-A 5 M.R.S.A §1976)
- immediately delete any chain letters received through the State’s e-mail system
- consider organizational access before sending, filing, or destroying e-mail messages.
- protect their passwords
- receive approval of supervisor and permission from the Commissioner of the Department of Administrative and Financial Services, or her designee, before sending state wide communications http://inet.state.me.us/dafs/policies.htm
- respond to e-mail in a timely fashion
- do not in any way use e-mail access or transmit prohibited content of a sexual nature
- delete any messages that may contain offensive material and report to management
- remove personal messages, transient records, and reference copies in a timely manner.
- not use e-mail for outside business activity or personal gain
- observe all copyright restrictions and regulations
- not use e-mail for any unlawful or illegal purpose
- not use e-mail to promote discrimination on the basis of race, religion, national origin, disability, sexual orientation, age, marital status, gender, or political affiliation
- not create e-mails that may be defamatory or libelous
- consider organizational access and retention requirements before sending, filing, or destroying e-mail messages
- be courteous and follow accepted standards of etiquette
- must not use the e-mail system to solicit for causes unrelated to state business
- must not knowingly send or receive e-mails that contain a virus
Violations of this policy
Any violation of this policy could result in disciplinary action up to and including termination.
Policy Review and Update
The Office of Chief Information Officer will periodically review and update this policy as new technologies and organizational changes are planned and implemented. Questions concerning this policy should be directed to the Chief Information Officer.
Policy for Use of State E-mail System for Widespread Dissemination to State Employees http://inet.state.me.us/dafs/policies.htm