Guidelines on use of e-mail
Electronic mail is an important communication tool for conducting University business. E-mail also comprises part of the business records of the university to the same extent as printed materials.
- Once you send or forward an e-mail you have no control over what a recipient may do with it. This can lead to the unintended disclosure of personal information or confidential information. Be prudent about e-mail messages that you send or forward and what you attach.
- Avoid use of e-mail to transmit sensitive personal or confidential information. If you must use e-mail to communicate, consider how to minimize the consequences of unintended disclosure (e.g., by disclosing only some information or by deleting personal identifiers).
- Communicate sensitive information to individuals by using university web facilities where individuals are required to authenticate in order to achieve access. E-mail can then be sent to these individuals when new material is available.
- When your e-mail contains sensitive personal or confidential information:
- verify the e-mail addresses of recipients
- avoid using the “reply to all” feature
- include the following statement at the bottom of the e-mail:
"The information in this message, including any attachments, may contain confidential information intended only for the person(s) named above. Any other distribution, copying or disclosure which is not necessary and proper in the discharge of the University's functions is strictly prohibited. If you are not the intended recipient or have received this message in error, please notify us immediately by reply e-mail and permanently delete the original transmission from us, including any attachments, without making a copy. Thank you.”
- E-mail sent over the internet is especially vulnerable to privacy breaches or unintended disclosure. University employees are expected to use university provided e-mail facilities for the transmission of work related e-mail. Further, e-mail and associated attachments must be stored in a location and way in which privacy is protected.
- If an e-mail has some ongoing administrative, financial, legal, research or historical value, file it in a way that facilitates retrieval by others (e.g., by printing it or saving an electronic copy where it will not be routinely deleted).
- Regularly dispose of e-mails that have only short-term, immediate or no value except those which relate to a Freedom of Information and Protection of Privacy Act (FIPPA) access request or an ongoing legal dispute. The Privacy Officer or the Secretary of the University will notify you when e-mails should be retained because of a FIPPA request.