How to implement an email policy
Checklist
- Get samples of email policies and email disclaimers (for example, by searching on the Internet).
- Set up an individual password-protected account for each employee and for any general addresses (eg sales@yourcompany.co.uk).
- Establish who is responsible for each account and how incoming emails will be handled when an employee is absent.
- Establish security procedures and systems, such as password control, encryption and virus-checking software.
- Encourage appropriate business use of email.
- Specify what use of email is prohibited; ban the use of email for sending or receiving offensive material or engaging in illegal activities.
- Set limits on personal use of email: for example, prohibiting sending large attachments or joining busy mailing lists.
- Set up personalised signatures for outgoing emails including key company information (your company’s registered name, place of registration, registration number and the address of its registered office).
- Set up a standard disclaimer; consider whether you want to include a disclaimer of any contractual significance for emails.
- Establish rules on sending confidential and personal information; check that these meet the requirements of data protection regulations.
- Set a standard response time for replying to emails.
- Let employees know how emails are monitored and stored; ensure that any monitoring complies with legal restrictions protecting privacy.
- Communicate the policy to all staff and provide appropriate training in effective use of email and the legal issues.
- Clarify the disciplinary consequences of breaching the policy, and consistently enforce the policy.
Cardinal rules
Do:
- set up IT systems in a way which helps support the policy
- encourage appropriate use
- clearly explain prohibited use
- provide training
- think about data protection
Don't:
- read employees' emails unnecessarily and illegally
- ignore breaches of the policy
