Do you have an email policy in place for your organization? If you don’t, you’d better get one fast. Find out why you need an email policy and download a sample email policy to help you get started.
Why Do You Need an Email Policy?
Here are five reasons why your company needs an email policy:
1. Protect against email threats: An email policy helps prevent email threats. A well laid out email policy makes your staff aware of the corporate rules and guidelines, which if followed will protect your company against (spear) phishing attacks and confidentiality leaks, aid compliancy and minimize legal liability.
2. Avoid misconduct: An email policy can help stop any misconduct at an early stage, for instance by asking employees to come forward as soon as they receive an offensive email. Keeping the incidents to a minimum can help avoid legal liability. For instance in the case of Morgan Stanley, the court ruled that a single e-mail communication (a racist joke, in this case) cannot create a hostile work environment and dismissed the case against them.
3. Reduce liability: If an incident does occur, an email policy can minimize the company’s liability for the employee’s actions. Previous cases have proven that the existence of an email policy can prove that the company has taken steps to prevent inappropriate use of the email system and therefore can be freed of liability. WorldCom Corp. for instance, faced a court case from two former employees for allowing four racially offensive jokes on its email system. WorldCom successfully defended themselves because they had an email policy that spelled out inappropriate content and because they took prompt remedial action against the co-worker who sent the racially harassing e-mails.
4. Educate Email Etiquette: You can use your email policy to educate your employees in email etiquette to ensure that your company conveys a professional image in its email communications.
5. Warn employees of email monitoring: If you are going to use email filtering software to check the contents of your employees’ emails, it is essential to have an email policy that warns your employees that their emails might be monitored. If you do not have such as policy you could be liable for privacy infringement. More about the legality of email monitoring.
Sample Email Policy
Download this sample email policy that you can use as a starting point. Note that this email policy is merely for informational purposes and should not be relied upon as a legal document. Need more help? Take a look at these 10 points that you should include in your email policy.
Enforcing the Email Policy
Just having an email policy is not enough. There are a number of ways in which companies can make sure that the company email policy is adhered to:
Provide training
Regularly train users in applying the email policy. Help users send effective emails by informing them of best practices, explain that offensive jokes and remarks can be much more harmful than they seem, and stress that employees that witness abuse of the email system must report this to their supervisor. Warn that employees must not click on links in unsolicitd emails asking them to update their details no matter how genuine they look. Encryption techniques and the use of digital signatures should also be covered.
Take prompt action
If an employee complains about offensive emails, it is extremely important that this is dealt with fairly and quickly. Internal procedures should be in place in order to allow investigation into complaints. Employees must also be encouraged to come forward if inappropriate email content is detected. Prompt action can potentially save your company a large amount of legal costs, as was the case with WorldCom corp. Within 10 days of hearing the employees’ complaints about offensive emails, supervisors arranged two meetings to discuss the incident. They also reprimanded the sender of the messages by placing a written warning in her personnel file and issuing a verbal reproach. WorldCom supervisors also requested that several workers, including the two plaintiffs, review the company’s email policy. The result was that the court deemed that the employer had ‘acted reasonably’ and dismissed the case against WorldCom.
Monitor email
Monitoring of email is the only way to make sure that no email policy rules are being breached. You can monitor emails that are stored on the company’s systems, but the best way to monitor email is to automatically block or quarantine messages before they are sent or received. In this way, you can also detect patterns of misuse. The practicing of email monitoring could also be of help in a court of law, since it shows that the company is serious about preventing offensive messages and unlawful use of the email system.
