Click here to skip to main content.
scenic picture from Washington state
RESEARCH TOOLSSAMPLE DOCSGOV DOCS › Policy on E-mail Acceptable Use
 
WSAO Policy on E-mail Acceptable Use

Sample Only

Washington State Auditor's Office
Policy on Security and Use of Electronic Mail
April 1996

INTRODUCTION

    This policy outlines office requirements for the security and use of electronic message systems (e-mail) including the disclosure and monitoring of the contents of messages and electronic files stored in the system.

    While all e-mail may be considered writings, and all writings may be public records, the public does not have a right to examine every public record. RCW Chapter 42.17 exempts broad categories of records, while other statutes provide for confidentiality of specific records.

    Confidential and sensitive issues such as performance reviews, disciplinary actions, and attorney-client privileged information should not be communicated via e-mail. If a communication must be private, use interoffice mail and mark it "CONFIDENTIAL."

    The effective management and application of information technology improves the quality of service delivered to Washington's citizens, the productivity of the state work force, and the overall cost effectiveness of state operations. E-mail plays an increasingly important role in meeting this challenge.

POLICY NO. 1

    State Auditor's Office Employees Shall Use State-Provided E-Mail Systems Only For State Business Purposes

    Description

      All office information technology resources, including e-mail systems, are the property of the state of Washington. Employees shall use e-mail for state business or otherwise to advance the Office's best interests.

POLICY NO. 2

    State Auditor's Office E-Mail Systems Shall Not Be Used For Transmission Or Storage Of Information That Promotes Discrimination

    Description

      Employees shall not use state-provided e-mail media in a fashion that promotes discrimination on the basis of race, creed, color, gender, religion, disability or sexual preference; sexual harassment; copyright infringement; an employee's personal political beliefs or personal business interests; or any unlawful activity.

POLICY NO. 3

    Employees Must Use Judgment On The Type Of Information Sent Through E-Mail

    Description

    Confidential conversations (e.g., personnel issues, messages regarding corrective/disciplinary actions should not be sent over e-mail).

    Employees should be aware that messages may be forwarded to others by the recipient, printed in a location where individuals other than the intended recipient may view the message, or directed to the wrong recipient.

POLICY NO. 4

    Each User Will Maintain A Unique Password

    Description

      Employees should be aware that messages cannot be protected from unauthorized access caused by the user failing to maintain password confidentiality or leaving the computer unattended when he or she has logged onto the system.

POLICY NO. 5

    The Office May Access An Employee's E-mail Media

    Description

      The Office may access data that is normally under an individual's control without the consent of the individual employee when necessary to carry out normal business functions, or if suspicious of possible misuse of any of the items listed above.

      The supervisor shall notify the affected employee within 48 hours when information under the employee's control has been accessed.

    PROCEDURES FOR ACCESS TO EMPLOYEE'S E-MAIL FILES:

Action by Supervisor:

    1. Submits a written request for access to their appropriate manager.

Action by Manager:

    2. .Reviews and forwards request to the appropriate Deputy State Auditor.

      2a. If request is not justified, returns request, notifying manager of reason for decision.

Action by Deputy State Auditor:

    3. Forwards approved request to the Information Services Manager.

      3a. If disapproved, notifies requesting supervisor and manager of reason for decision.

Action by Information Services Manager:

    4. Refers request to WAN Administrator of Information Technology for release of information.

Action by WAN Administrator:

    5. Determines the availability and the most reasonable method of accessing this information and notifies supervisor of availability of employee's information within five working days.

Action by Supervisor:

    6. Notifies affected employee within 48 hours.

POLICY NO. 6

    The Office E-Mail Messages Are Automatically Backed Up And Stored

    Description

    E-mail files are backed up on magnetic tape on a weekly basis. Back-up tapes are retained for 30 days with quarterly and yearly tapes locked in a vault off the I-5 corridor per the State Auditor's Office Information Technology Disaster Recovery Plan.

POLICY NO. 7

    Communication Media Shall Be Managed In Conformance With Washington State Statutes

    Description

    Management of the Office's e-mail communication media shall conform to all applicable statutes and regulations governing public records, records retention and public disclosure.