Subject: Institutional Email Service
Effective Date: September 24,2008
The intention of this policy is to collect all official and business communications of the university in one email system of record for security, auditability, records management, document preservation, archiving and destruction, as appropriate.
One enterprise email service, managed by Information Technology (IT), will be used for all institutional email business. All institutional email communications must be sent to or from the enterprise service. Messages that constitute a record of the official business of the institution must be preserved on the enterprise email service with the same care, and for the same duration, in compliance with regulations and policies that apply to similar hard copy communications. Email messages must not contain private sensitive information [(see the Information Security Policy #558)] held in trust by the University but must direct the recipient to some authenticated, secure source for appropriately controlled access to that information. Other confidential information must be encrypted in transit and in storage as a precaution against exposure.
Supervisors are instructed to make arrangements to retrieve business-related messages and other relevant electronic data from an employee’s email account prior to the employee’s separation from the University, after which the email account will be deleted. Forwarding services or other notifications may be provided after deletion of the account.
IT will develop procedures consistent with this policy and with currently deployed email functionality to meet the communication needs of the institution.
Email Alias - the advertised email address for an employee's email account, typically in the form of Firstname.Lastname@usu.edu or similar.
Email Service - an email account with mailbox storage and an email alias, provided for USU employees.
Enterprise Email System - the central email facility maintained by IT. It provides timely processing of both inbound and outbound email messages, protection from most spam and malware-laden messages, disaster recovery backups and interfaces to multiple email clients.
See also the proposed revisions to this policy at Institutional Email Service Revisions.