Prince Sultan University PSU
Policy Management System
E-Mail Usage and Management Policy
Policy Code: | IT0012 |
Policy Title: | E-Mail Usage and Management Policy |
Owner: | Information Technology Center |
Responsible Office/Department: | Vice President for Academic Affairs |
Approved by: | University Council |
Date Created: | February 02, 2017 |
Recent Review: | December 2023 |
Effective date: |
POLICY STATEMENT
PSU email is used for both internal and external communications that serve legitimate purposes. Any personal use of the email should not involve solicitation, or private business trading or personal gain. Copyright regulations should be considered while using the email. Any communication using the email is subject to the same laws, regulations, policies, and other requirements as information communicated in other written forms.
BACKGROUND AND JUSTIFICATION
PSU email is used for both internal and external communications that serve legitimate purposes. Any personal use of email should not involve solicitation, private business trading or personal gain. Copyright regulations should be considered while using email. Any communication using the email is subject to the same laws, regulations, policies, and other requirements as information communicated in other written forms.
SCOPE AND PURPOSE
PRINCIPLES OF THE POLICY
- Professionalism: All emails sent from company accounts should maintain a level of professionalism, reflecting the organization's values and standards.
- Confidentiality: Sensitive information should not be shared or discussed via email unless it is encrypted or otherwise secured.
- Appropriate Use: Company email systems are primarily for business- related purposes. Limited personal use may be permitted if it does not interfere with work responsibilities.
- Data Retention: Emails that are necessary for business operations or legal reasons should be retained as per the PSU’s data retention schedule.
- Privacy: While privacy is respected, employees should be aware that emails sent or received using the company system may be monitored or reviewed for diagnosing or resolving technical issues, investigating possible misuse of email, or for any other business-related purposes.
- Security: Employees should follow best practices to ensure the security of email communications, such as not opening suspicious attachments or clicking on unknown links. In addition, email messages received at PSU’s email shall not be forwarded to personal email accounts.
- No Solicitation: Company email should not be used for unauthorized solicitations, promotions, or personal business ventures.
- Respectful Communication: All email correspondences should be free from offensive, discriminatory, or inappropriate content.
- Legal and Regulatory Compliance: Email usage must comply with relevant laws and regulations, including those concerning intellectual property, privacy, and data protection.
- Resource Management: Emails, especially with large attachments, should be managed efficiently to ensure they do not clog or overburden the system.
- Accountability: Users are accountable for their actions on the company email system and should exercise judgment before sending or forwarding messages.
DEFINITIONS
- Email System: The collection of hardware, software, and processes used to send, receive, and store electronic mail within an organization.
- User: Any individual with access to the company's email system, including employees, contractors, consultants, and other authorized individuals.
- Confidential Information: Data or information that is not public knowledge and which the company has an interest in keeping private, such as trade secrets, customer lists, or financial data.
- Spam: Unsolicited, often irrelevant or inappropriate email messages sent over the internet, typically to large numbers of users, for the purposes of advertising, phishing, or distributing malware.
- Phishing: Fraudulent attempts to obtain sensitive information such as usernames, passwords, and credit card details by disguising as a trustworthy entity in an email.
- Attachment: A file that is sent in conjunction with an email message.
- Encryption: The process of converting data into code to prevent unauthorized access.
- Archive: A collection of stored electronic data, including emails and their attachments, retained for record-keeping purposes.
- Email Signature: A block of text automatically appended at the end of an email message, often containing the sender's name, position, organization, contact details, and other identifiers.
- Malware: Malicious software designed to harm or exploit any device, network, service, or program.
- Forward: The action of sending an email or a copy of an email to another recipient.
RESPONSIBILITIES AND IMPLEMENTATION STRATEGIES
Roles and Responsibilities
- PSU management will make sure that this policy is enforced by deans, chairs, and directors
- ITC is responsible for e-mail security, backup, and disaster recovery.
- PSU users are held responsible for adherence to this policy.
Proper Usage
All PSU e-mail users should comply with this policy, by:
- protecting their email passwords.
- responding to e-mail in a reasonable time.
- deleting any email messages that has offensive materials.
- not using e-mail for business activity or personal gain.
- observing copyright regulations
- not using e-mail for any illegal purpose
- being courteous and follow accepted standards of etiquette
- not using the e-mail system to solicit for causes unrelated to PSU
- not knowingly sending or receiving e-mails that contain a virus
PROCEDURES FOR HANDLING POLICY VIOLATION
Any violation of this policy could result in disciplinary action up to and including termination.