11.2.4 Email Policy

11.2.4

Email Policy

Edited/Revised: March 30, 2018

Revised Effective: May 1, 2018

Overview

Middle Georgia State University provides “electronic mail” (email) accounts for all faculty, staff, and students.

These email accounts are viewed as academic and business communication tools. This policy extends the Middle Georgia State University Appropriate Use Policy (AUP), to the use of email. In providing and maintaining its electronic communication infrastructure, Middle Georgia State University complies with applicable federal, state, and local laws.

2.0 Purpose

The purpose of this policy is to define the proper uses of email and email accounts on Middle Georgia State University networks. Refer to the Appropriate Use Policy (AUP) for more complete information about proper computer and network usage at Middle Georgia State University.

3.0 Scope

This policy covers all email systems on Middle Georgia State University networks, and all individuals issued Middle Georgia State University email accounts. All users of University email facilities must abide by the provisions of this policy and all of the terms and conditions set forth herein. The use of MGA email, like the use of any other university-provided technology resources, is subject to the normal requirements of legal and ethical behavior within the University community as well as all applicable policies and procedures.

4.0 Policy

Middle Georgia State University e-mail accounts are provided for the purpose of facilitating the business of the University. Incidental personal use of Middle Georgia State University email accounts is acceptable.

Email is an official means of communications at Middle Georgia State University. Therefore, the university will send communications to faculty, staff and students via email and expects that those communications will be received and read in a timely fashion.

Email, by its very nature allows account owners to conduct collaborative work and share information with students, coworkers, and colleagues regardless of time and/or geographic boundaries. Faculty and staff should conduct themselves in a professional manner during their communications. Every email message sent from a MGA account carries the University’s name, and all communications should reflect that.

Email is considered an insecure method of transmitting sensitive data unless special precautions are taken. Sensitive data should not be transmitted through electronic messaging even to other authorized users unless security methods, such as encryption, are employed.

Email messages are not private. All messages composed, sent or received on the e-mail system are and remain the property of the University. They are not the private property of any employee. Middle Georgia State University has the right to inspect, copy, store, and disclose at any time the contents of email messages stored on or transmitted through its facilities when the University believes it is appropriate to prevent or correct improper use, satisfy a legal obligation, or insure proper operation of the email facilities.

5.0 Standard

RESPECT FOR PRIVACY AND DUE PROCESS

Middle Georgia State University observes the privacy of software, files, and materials stored on or transmitted by university computer systems. System administrators will not monitor the contents of electronic mail messages as a routine procedure. In the event that a system administrator must access an individual’s email account to provide technical assistance, prior consent of the account owner must be obtained. Middle Georgia State University will comply with properly documented requests from law enforcement agencies involving access to employee and student email files. In the absence of such a request, notification, due process and the approval of University Counsel are required to access the contents of an individual’s email account. In the absence of University Counsel, his or her designee must give approval.

INDIVIDUALS’ RESPONSIBILITIES

Mailboxes have finite storage capacity. It is the users’ responsibility to delete and archive mail so that their mailboxes do not fill up and render their accounts unusable. Individuals may have email electronically redirected to another email address, but they do so at their own risk. The University will not be responsible for the handling of email by outside vendors or by departmental servers. Having email redirected does not absolve an individual from the responsibilities associated with communication sent to his or her official email address. Email shall not be the sole method for notification of any legal action.

OTR RESPONSIBILITIES

The  Office  of  Technology  Resources  (OTR)  will  provide  an  email  account  to  each member of the faculty, staff, and student body, as well as other approved individuals. The addition of accounts for individuals outside the campus community requires approval by the President or the Provost in collaboration with the CIO. Group login accounts for shared mailboxes are not permitted. In cases where multiple users need access to a single mailbox or email address, a shared mailbox, distribution list, or an alias can be created. Approval by your department head and the CIO are required before any of these are created. These addresses are used to distribute messages sent to a single email address among multiple recipients or for sharing access among multiple individuals to a single email box. Access to these mailboxes are based on membership granted by the email administrator so there are no unique credentials to remember. When an individual is no longer a member of the campus community their corresponding email account will be removed.

DISTRIBUTION LISTS

The Middle Georgia State University Faculty distribution list and Staff distribution list are for official university business. Only designated personnel can post messages to these lists without delay. All other posts to these lists must be approved by a moderator verifying that the post represents University business. Moderators for the Faculty distribution list will be members of the Faculty Senate. Moderators for the Staff distribution list will be members of the Staff Council. Should no one be available in a timely manner to approve the requested messages, the Provost (?) can moderate the faculty list and the Executive Vice President Finance & Operations (?) can moderate the staff list. The Student distribution list contains all students. Only designated personnel can post messages to this list. Members of each list may not unsubscribe. The author of any university-wide message assumes the responsibility for ensuring that the message does not violate University policies, regulations, or procedures. Disclaimers of confidentiality included in email messages do not protect the sender if confidential information is shared or disclosed inappropriately.

BACKUP RETENTION

Items deleted from a user’s mailbox are temporarily retained on the email server for 14 days. Deleted mailboxes or groups are temporarily retained on the server for 30 days. After such time, these items are permanently deleted from the server. Any other retention of data is controlled by the user through Outlook settings. We use Office 365 so full backups are not maintained on site.

SUPPORTED EMAIL CLIENT CONFIGURATION

Individuals may use an email client of their choosing.  However, the client MUST be capable of accessing the mail server in a safe and secure manner. OTR will not be responsible for technical support for non-standard clients.  To protect the privacy of passwords and email content, user access to email will only be provided via secure methods. Student email access will be through the web interface. Mobile friendly access will be provided as well.

6.0 Enforcement

Users of MGA email accounts who are found to be in violation of this policy or any other applicable university policy or regulation may be subject to revocation or limitation of email privileges as well as other disciplinary actions up to and including termination of employment

The Office of Network Services or the CIO must approve any waiver of these requirements.

7.0 Definitions

Sensitive – Information intended for limited use within Middle Georgia State University that, if disclosed, could be expected to have a serious adverse effect on the operations, assets, or reputation of Middle Georgia State University, or its obligations concerning information privacy.

8.0 Revision History

07/01/2015 Changed to reflect new institutional name

04/04/2017 Substantive changes

03/30/2018 Additional changes