How to implement an email policy
- 1 Get samples of email policies and email disclaimers (for example, by searching on the Internet).
- 2 Set up an individual password-protected account for each employee and any general addresses (eg email@example.com).
- 3 Establish who is responsible for each account and how incoming emails will be handled when an employee is absent.
- 4 Establish security procedures and systems, such as password control, encryption and virus-checking software.
- 5 Encourage appropriate business use of email.
- 6 Specify what use of email is prohibited; ban the use of email for sending or receiving offensive material or engaging in illegal activities.
- 7 Set limits on personal use of email: for example, prohibiting transmitting large attachments or joining busy mailing lists.
- 8 Set up personalised signatures for outgoing e-mails including key company information (your company’s registered name, place of registration, registration number; and address of its registered office)..
- 9 Set up a standard disclaimer; consider whether you want to include a disclaimer of any contractual significance for emails.
- 10 Establish rules on sending confidential and personal information; check that these meet the requirements of data protection regulations.
- 11 Set a standard response time for replying to emails.
- 12 Let employees know how emails are monitored and stored; ensure that any monitoring complies with legal restrictions protecting privacy.
- 13 Communicate the policy to all staff and provide appropriate training in effective use of email and the legal issues.
- 14 Clarify the disciplinary consequences of breaching the policy, and consistently enforce the policy.
- set up IT systems in a way which helps support the policy
- encourage appropriate use
- clearly explain prohibited use
- provide training
- think about data protection
- read employees' emails unnecessarily and illegally
- ignore breaches of the policy