ºÚÁϳԹÏÍø

PURPOSE

ºÚÁϳԹÏÍøUniversity provides students, faculty, staff, and certain affiliates with e-mail addresses which are to be utilized for legitimate university-related activities and communication. E-mail is considered an IT resource and is subject to the provisions of this policy, as well as other IT related policies.

POLICY

ºÚÁϳԹÏÍøUniversity IT Services is the owner of e-mail and directory information and provides creation, management and distribution of official ºÚÁϳԹÏÍøUniversity e-mail accounts. To the extent a user forwards the content of a ºÚÁϳԹÏÍøUniversity e-mail account to another e-mail address (e.g. personal gmail), the user assumes all responsibilities for the consequences of delivery beyond the ºÚÁϳԹÏÍøUniversity e-mail service domains. The forwarded content, however, remains subject to applicable public records laws and related ºÚÁϳԹÏÍøUniversity policies.

All existing policies, standards, and regulations that apply to other forms of communication at ºÚÁϳԹÏÍøUniversity also apply to e-mail. Additionally, the following specific actions pertaining to the use of e-mail accounts and services of ºÚÁϳԹÏÍøUniversity are considered a violation of this policy:

1. Misrepresentation or concealment of names or affiliations in e-mail messages.
2. Alteration of the source or destination address of an e-mail.
3. Use of ºÚÁϳԹÏÍøUniversity e-mail services for any unauthorized commercial/personal business or organized political activity that is inconsistent with ºÚÁϳԹÏÍøUniversity tax-exempt status or serves as a conflict of interest.
4. Any use of e-mail to harass, intimidate, or threaten to cause emotional/physical harm to person(s) and/or damage to property, including deliberately sending frivolous or excessive e-mails (e.g. phishing or spam).
5. Use of large attachments that exceed standards, as an attempt to disrupt or alter ºÚÁϳԹÏÍøUniversity e-mail services.

The use of e-mail, as well as information assets and IT resources, is a privilege and not a right. ºÚÁϳԹÏÍøUniversity e-mail services are considered as an official means for communicating ºÚÁϳԹÏÍøUniversity business and may be the sole means of communication to users. Students, faculty, staff, and affiliates are presumed to read and understand all official ºÚÁϳԹÏÍøUniversity e-mail messages sent to their university e-mail account. Usage of listservs are encouraged to manage distribution of e-mails to the large amount of users. Mass emergency e-mails, such as RAVE, will follow the campus emergency notification process.

PRIVACY, OPERATIONS, and MONITORING

Users are reminded that any e-mail sent from a ºÚÁϳԹÏÍøUniversity account or residing on any ºÚÁϳԹÏÍøUniversity e-mail services/systems may be considered as public record(s) and subject to disclosure. ºÚÁϳԹÏÍøUniversity seeks to maintain its IT environment and manage all information assets including data, computing devices, systems technology, telephony, and IT resources in a manner that respects individual privacy and promotes user trust. However, the use of ºÚÁϳԹÏÍøUniversity IT resources is not completely private, and users should have no expectation of privacy in connection with the use of any information asset or IT resource.

ºÚÁϳԹÏÍøUniversity has the legal right to access, preserve, and review all information stored on or transmitted through any information asset or IT resource, including the inspection of e-mail messages, logging of activities, monitoring usage patterns, and data audits/integrity checks. IT Services may, with or without notice to users, take any other action it deems necessary to preserve, secure, and protect systems, information assets, or IT resources for the betterment of ºÚÁϳԹÏÍøUniversity. Without limiting its right to take action, ºÚÁϳԹÏÍøUniversity may, in it’s sole discretion, disclose the results of any general or individual monitoring or access permitted by this policy, including the contents and records of individual communications, to appropriate ºÚÁϳԹÏÍøUniversity personnel and/or law enforcement agencies.

SCOPE of AFFECTED PARTIES

This policy applies to all users, such as students, faculty, and staff of ºÚÁϳԹÏÍøUniversity and to other persons accessing ºÚÁϳԹÏÍøUniversity information assets and/or IT resources including but not limited to authorized agents or community members, regardless of whether such information asset or IT resource is accessed from on-campus or off-campus.

ACCOUNTS

FACULTY and STAFF
E-mail services are available for faculty and staff to conduct and communicate official University business. Incidental personal use of e-mail is allowed with the understanding that the primary use be job-specific, and that occasional use does not adversely affect work responsibilities of the user or the performance of IT information assets or resources. With the exception of retired Emeritus Faculty, e-mail services are provided only while a user is employed by the university. Once a user’s employment ceases, either voluntarily or involuntarily, their email is disabled, preventing them from accessing the contents contained within e-mail mailboxes. If a departing employee needs to gain access to their previous e-mail account/mailbox contents, accommodations will need to be approved by a designee of the Executive Leadership Team in writing.

STUDENTS
E-mail services are available for students to support learning, research, and to serve as formal communication by and between themselves and ºÚÁϳԹÏÍøUniversity. Access to e-mail services will remain active as long as a student is actively enrolled in classes, but student email accounts will be disabled 3 months after their last enrolled semester. This allotted time is intended to provide adequate time for transferring e-mail and other content to a personal e-mail service.

AFFILIATES and OTHERS
Individuals with special affiliations with ºÚÁϳԹÏÍøUniversity are granted limited e-mail privileges, commensurate with the nature of their special relationship. ºÚÁϳԹÏÍøUniversity is free to discontinue these privileges at any time.

ROLES & RESPONSIBILITIES

All ºÚÁϳԹÏÍøUniversity students, faculty, staff, and other parties with access to ºÚÁϳԹÏÍøUniversity information assets and IT resources shall be responsible for:

USERS

• Usage of e-mail, as well as all information assets and IT resources, in compliance with all applicable laws and ºÚÁϳԹÏÍøUniversity policies, standards, guidelines, regulations, and procedures.
• Understand and comply with the guidance provided by this policy, as well as applicable compliance programs and affiliated awareness training.
• Become educated on phishing attacks, malware, and other e-mail obstacles by adhering to announcements from ºÚÁϳԹÏÍøUniversity IT Services in e-mail or by visiting the ºÚÁϳԹÏÍøUniversity IT Services webpage.
• Be diligent in securing your e-mail credentials.
• Promptly report any suspected violation of this policy, any security events, and/or incidents involving a suspected compromise of a user’s account or IT resource to itworkorder@shepherd.edu.

CIO/CISO – INFORMATION PRIVACY OFFICER

• Oversee and administer this policy.
• Provide authorization and direction to IT Services staff in accordance with this policy.
• Develop awareness and necessary training materials as it pertains to this policy.

IT SERVICES STAFF

• With appropriate authorization, take directed action in accordance with this policy to preserve, secure, and protect the interests of ºÚÁϳԹÏÍøUniversity.
• Ensure all associated procedures are followed and documented accordingly when taking any actions outlined in this policy.

RELATED TOOLS

RELATED POLICIES & GUIDELINES
BOG#35: Information Technology Security
Acceptable Use Policy
IT Information Security & Privacy Policy
International Travel Security Policy
Password Guidelines
Social Security Number Guidelines
Work from Home / Remote Access Guidelines

POLICY: E-Mail Policy
IMPACT: Data, Technology, and IT Resources
RESPONSIBLE OFFICE: IT Services
CREATED: August 18, 2021
REVIEWED: February 19. 2024; November 28, 2022
APPROVED BY: CIO/CISO – Information Privacy Officer
VERSION: 24.1