Question

Assume that you are in charge of drafting the Employer's e-mail policy that intends to permit Employer monitoring of e-mail. What points would you address in the policy?

Answer 1

While drafting I would ensure that complete information is provided to educate the employees regarding the monitoring. The policy should be stated in a transparent fashion. Below are the important points to be included:

• Usage of office email for personal use

Employees should be asked to avoid using office email addresses for any personal work. For anything that is not concerning office work, the email address should not be provided anywhere. The main reason is to reduce the number of non-work related mails be it promotional mails, social media mails or private mails. Also, employees should be aware of not using office email addresses to send mails to personal email ids of self or friends/family as it is a major security breach.

• Tracking/Monitoring email

It should be clearly mentioned that the content in all the mails is subject to tracking and monitoring. Rather than finding objectionable content first and later informing the employee of the policy, the email policy should be clear from the very start.

• Threats from Malware/Virus

Employees should be educated to prevent opening any non-office related mails. It could be a malware which could bring up security concerns. Even though firewalls and virus protection are in place on the office network, employees often tend to use their laptops at home in non secure networks which often results in security concerns.

• Dealing with confidential data

The employees should be extra careful when dealing with confidential data. Often employees have a habit of using 'Reply All' and this results in content being sent to unwanted recipients. Such a situation should be strictly avoided. Example: Client related data which is common in IT companies must be dealt with great caution.

• Prohibited content

The employees should be provided a detailed list of items that cannot be sent over emails. Pornographic content, vulgar images or links, any confidential information to external recipient, offensive comments based on race, caste, sex or religion, etc. should strictly be avoided.

• Penalty in case of breach

The employers should be clear that any breach in the email policy would result in a strict penalty based on the offense with the maximum penalty leading to termination.