91热爆网

Electronic Mail Policy for Non-Student Accounts

Initially approved:  February 22, 2006
Revised:  May 21, 2018 
Revised: May 9, 2023

Policy Topic:  Information Technology
Administering Office:  Office of the CIO

      I.        POLICY STATEMENT

Western Carolina University (hereinafter 鈥淯niversity鈥�) electronic mail (hereinafter 鈥淓mail鈥�) accounts are provided and supported by the State of North Carolina to further the missions of the University.

The purpose of this Policy is to ensure the appropriate use of the University鈥檚 Email System by its employees and guests. Use of the University鈥檚 Email system evidences the user鈥檚 agreement to be bound by this Policy.

    II.        SCOPE

All individuals, including employees (faculty and staff) and contractors, or entities assigned a non-student University Email account.

   III.        DEFINITIONS

鈥淏roadcast Email鈥� shall mean an Email message sent to a large audience, either internal to the University or external to the University, from one individual, unit, college or other subdivision of the University.

鈥淓mail鈥� shall mean electronic mail, either sent or received, which is a means of transmitting and storing digital messages and files.

鈥淓mail System鈥� shall mean any system used by the University as its primary means of transmitting and storing Email.

鈥淔orensic archive鈥� shall mean a technical control applied to an Email account that prevents the owner of the account from deleting Email either sent or received.

鈥淣on-Student University Email Account鈥� shall mean an Email account provided to an individual or entity associated with the University pursuant to University policy, procedure, and/or practice.

鈥淪eparation鈥� shall mean the employee left employment with the University and is no longer affiliated with an employment agreement.

鈥淪tudent University Email Account鈥� shall mean an Email account provided to an accepted or enrolled University student by the University鈥檚 third party Email provider.

鈥淯ser鈥� shall mean all individuals, including employees (faculty and staff) and contractors, or entities assigned a non-student University Email account.

  IV.        USER RESPONSIBILITIES

1. General Responsibilities

    

   All users are required to read their Email messages on a regular basis.  Users have the responsibility to use this resource in an efficient, effective, ethical, and lawful manner.  Users must comply with Policy 52 Responsible Use of Information Technology Resources.
   
   

2.  

   Email Security

    

   The security of the University鈥檚 Email System is a shared responsibility, and users must take precautions to prevent the unauthorized use of their Email accounts.  Such precautions should include regularly changing passwords and securing passwords in a safe place, checking with the purported sender before opening a suspicious message or attachment, and declining to share, transfer or otherwise permit third parties to have access to 91热爆网id credentials. 

   The University prohibits automatic forwarding of University Email to a non-University account. The IT Division will not enable this feature for a user.
   
   

3.  

   Sensitive Data

    

   In general, Email is not appropriate for transmitting sensitive or confidential information unless an appropriate level of security matches its use for such purposes. Users must abide by data handling procedures defined in University Policy 97 Information Security and Privacy Governance when utilizing Email to transmit sensitive data.  Additional systems operated by the University will scan Email for specific Sensitive Data, including Social Security Number(s) and Credit Card Number(s), and potentially block the Email. 
   
   

4.  

   Records Retention

    

   Matters communicated via Email may become a public record, may become evidence in a judicial proceeding or may otherwise be shared with a broader audience than originally intended.  Email created or received for business purposes may not be deleted unless permitted under the record retention schedule in use by the University. 

   Users are responsible for saving Email messages electronically or printing and retaining a hard copy consistent with the records retention schedule.  However, users shall not bulk extract or archive their Email to another form of storage such as an 鈥渙ffline archive.鈥� 

   Email messages that have reference or administrative value but are of a temporary, ephemeral, or transient nature may be deleted when the user has determined that their reference value has ended.

    V.        OFFICIAL UNIVERSITY EMAILS

1. Email as Official Communication

    

   The Email System is provided by the University as one of its primary means of official communication. An Email message regarding University matters sent from an administrative office, faculty, or staff member is considered to be an official notice. Supervisors must ensure that their University staff and faculty have access to the necessary or appropriate messages distributed via the University鈥檚 Email System.
   
   

2.  

   Broadcast Email

    

   Those wishing to transmit Broadcast Email to alumni, students, faculty, and/or staff must obtain approval from a member of Executive Council or the Chancellor,and comply with the current procedures for sending Broadcast Email.

  VI.        PERSONAL USE

A University Email account may be used for incidental personal purposes provided such use does not violate other University policies, interfere with University IT operations, including Email services, generate a direct cost for the University or impact University employment or other obligations to the University. Additionally, the personal use cannot involve the following:

• Purposeful sending or soliciting of chain letters or sending unsolicited bulk mail messages (e.g., 鈥渏unk mail鈥� or 鈥渟pam鈥�), or otherwise overloading the University鈥檚 Email System or negatively interfering with system performance.
• Uses that result in commercial gain or personal profit for yourself or others, except as allowed under University intellectual property policies and the external activities for pay policy. However, in no case may the University鈥檚 Email System be used for solicitation of any external activity for pay without the appropriate approval.
• Stating or implying University sponsorship or endorsement of the Email鈥檚 message.

 VII.        PRIVACY OF EMAIL

University staff do not routinely monitor the content of electronic mail. However, no user of University Email or the University Email System should have the expectation that any Email content, whether personal or business-related, will be private.  To the extent permitted by law and policy, the University reserves the right to access and disclose the contents of any users鈥� Email, including discarded messages, without the consent or knowledge of the user. Automated security systems operated by the University will scan Email for potentially malicious or harmful content such as suspicious links or attachments.

VIII.        UNIVERSITY RECORDS RETENTION, DISPOSITION OF EMAIL, AND FORENSIC ARCHIVES

Users must comply with the responsibilities outlined in Section IV(4) of this policy and the records retention schedule currently in use by the University. 

The University Office of Information Technology will apply the following disposition practices to all Email accounts (except forensic archives):

• All Emails will be automatically purged ten (10) years after they are sent or received.
• Emails that need to be retained longer than ten (10) years should be printed or saved as a pdf or other electronic document.
• Upon separation from the University, an employee鈥檚 Email content will be retained for one (1) year and may be delivered to the employee鈥檚 last supervisor upon request within that year.
• Employees returning to the University after separation generally will not retain previous Email content.  However, adjunct faculty and other time-limited positions that work on a recurring basis may retain access to Email content if they return within twelve (12) months.

Forensic archives of a user鈥檚 Email may be permitted upon approval of the University Legal Counsel

  IX.        VIOLATIONS

Violations of this Policy may result in restriction of access to the University Email system and/or other appropriate disciplinary action.

    X.        REFERENCES

University Policy 52 鈥� Responsible Use of Information Technology Resources

Data Handling Procedures

Records Retention Schedule

University Policy 54 鈥� Conflicts of Interest; External Activities for Pay; Conflicts of Commitment for EHRA Employees

University Policy 87 鈥� Secondary Employment Policy for SHRA Employees

University Policy 97 鈥� Data Security and Stewardship