1 Introduction: STATE OF WYOMING Electronic Mail Policy Pursuant to Executive Order dated the 23rd of December, 1999 Electronic mail ( ) enables the user to send and receive messages, make appointments, or coordinate work schedules rapidly and efficiently. The advantages of e- mail have caused a rapid growth in the use of this technology. With the rapid expansion of throughout Wyoming State agencies, more data are being transmitted between employees without the use of traditional paper documents. This trend increases the possibility of State records being lost before completing their retention cycle, and the messages being subpoenaed for use in litigation. Records contained within the system need to be identified and controlled in the same manner as any other record. This policy shall apply to all State of Wyoming employees whether full-time, part-time, or contract as well as all individuals contracted to perform work for the State. Each agency may develop its own policy provided that, at a minimum, all provisions set forth in this policy are contained in its policy. In such a case, the agency s policy shall take precedence over this policy. Users are cautioned that the use of and attachments thereto may create the need to preserve other forms of data, such as graphics files, digital photographs, sound or wave files and video clips. When using these data forms in conjunction with the system, please consult your agency s policies or computer specialist for advice on the use and preservation of such data. Public records, including those created in , are the property of the State of Wyoming. W.S defines public records for the purposes of those records available for public inspection. W.S defines public records for purposes of management of public records by the Department of State Parks and Cultural Resources. General Notice: A. Electronic mail is an electronic file which is transmitted to other computer users. When transmitted to a recipient, electronic mail may create the sender's electronic file in the recipient's computer system. Deleting electronic mail does not ensure erasure of all copies of the file. Copies of deleted files may be stored remotely for long periods of time, and can be accessed and disclosed. Therefore, employees should not expect their electronic communications to be private, and should not use electronic mail for communications not intended for disclosure to third parties. Although the contents of business-related electronic mail are subject to the same rules of legal privilege as other forms of communication and recordkeeping, employees should treat the electronic mail system as a shared file
2 system, with the expectation that messages sent, received or stored in the system (including individual hard disks) may be subject to access, monitoring and disclosure. Employees should be aware that documents created and sent by electronic mail for official business or as evidence of official acts may constitute official records of the State. B. Nothing in this policy should be construed to waive any claim of privilege or confidentiality for the contents of electronic mail available to the State or to require public disclosure of electronic communications. Definitions: Record: Public records under Wyo. Stat (a)(v) includes... the original and all copies of any paper, correspondence, form, book, photograph, photostat, film, microfilm, sound recording, map, drawing or other document, regardless of physical form or characteristics, that have been made by the State of Wyoming... and by any agencies of the State... or received by them in connection with the transaction of public business, except those privileged or confidential by law. Wyo. Stat also defines public records for purposes of management of public records by the Department of State Parks and Cultural Resources. The definitions are essentially similar, except that W.S does not exclude information privileged or confidential by law. Thus, the Department of State Parks and Cultural Resources may store confidential or privileged information. The Department, however, does not make these confidential documents available to the public. See W.S System: A program designed to create, send, receive, and store messages and other data transmitted electronically between individual users and/or groups of users. File transfer programs are not included in this definition is the electronic transmission of messages and documents. A message may be transmitted within an agency, between agencies of the State or to a destination outside the state system. An message could be a short note or announcement or longer, more formal writing and may include various attachments. An attachment is added electronic data, such as a word processing file, not contained in the main body of the document. General Considerations for Use of 1. Messaging system not a storage system. The State s system is designed for communication by written message. It is not and should not be used as a document storage or management system. 2. Official Business. The State s systems are for official business. All messages sent or received on the system are the property of the State of Wyoming. 3. Expectation of Privacy. Employees should not expect messages in their basic form to be private. is not immune from unauthorized interception, therefore agencies should consider encryption of sensitive information or consider alternative means of communication. Because materials and communications
3 privileged or confidential by law are not included within the definition of public records set out in the Public Records Act (W.S through ), each agency must have a plan for separating out confidential material sent by , or have a policy that confidential materials and communications will not be sent through this medium. Users should never place any data on the system that they would not want to appear on television or in newspapers. 4. Account. accounts, and the messages contained within these accounts, are important to the business functions of an individual State agency. As such, the messages and accounts are the property of the State of Wyoming and will be managed by individual agencies. In the event of any employee termination or interagency transfer, the employee s account shall remain with the originating agency. All messages may be reviewed and redirected to the employee s successor or otherwise purged of agency-specific content as appropriate. 5. Improper uses. The use of the system to transmit data which is disparaging or harassing to individuals or groups will not be tolerated. Types of data include: writings, drawings or any other form that is degrading or harassing to others based on, but not limited to, race, age, origin, sex, disability, religion or political beliefs, including jokes. may not be used for personal commercial ventures, religious or political causes, endorsement of candidates, or outside organizations. 6. Security. To ensure system integrity and security, each individual must protect his system password from disclosure to others. Passwords should be changed frequently. It is suggested that passwords be constructed of alphanumeric characters that are not recognizable words or patterns. 7. Copies and dissemination. can be copied and forwarded to numerous individuals. Copies of an may be retained by persons unknown to the author long after the intended function has been completed. Both recipients and transmitters need to protect data sent on the system from unauthorized alteration and deletion. 8. Copyright violations. The ability of various systems to include attachments enables the users to forward additional data to other users. The ease of transmitting attachments places the burden of protecting copyrighted material on the transmitter. Protection of copyrights requires the user to make, to the greatest degree possible, a determination of authorship of any data utilized. All copyright laws apply equally to systems. Crimes against intellectual property in Wyoming are defined by W.S Etiquette. Use of etiquette should be observed at all times. Employees represent the State of Wyoming and should act in a professional manner at all times. 10. Viruses and . Simply reading a text based can spread a virus to your computer. This is a relatively new development. Viruses can also be hidden in attachments to mail messages. There is risk from opening attached files to the e- mail message, especially executable files. In addition, other types of file attachments can pose a risk, such as MS-Word documents, Excel spreadsheets, and similar files used by applications that use macros, because these files can be infected with a macro virus. If you receive any unsolicited from unknown
4 sources or untrusted documents or executable programs via an attachment, the file should be saved to the local hard drive and scanned with an anti-virus scanning product (with the latest virus signatures or definitions installed) before the file is opened or run. The MIS person should be contacted for assistance. Be aware that this is not an absolute guarantee that the contents of the file are safe, but it will check for any viruses or malicious code that the scanning software can detect. If there is any doubt (especially if the was sent from an unknown source), deleting unsolicited messages with all attached files is the safest thing to do. Users are requested not to spread unconfirmed warnings about viruses. If you receive an unvalidated warning, do not pass it to others; pass it to your systems administrator to validate first. Access to State System: Employees only. Employees of the State are granted access to the system to carry out their assigned duties. System privileges to non-employees shall be granted only with approval of the agency director or his designee. Access to the e- mail system may be terminated at any time if it has been determined access is no longer needed or there has been abuse of the system. If an agency s policies include retention of electronic records, information contained in an system must remain accessible for reference, as required by the retention guidelines in those policies. To remain accessible, the electronic data must be migrated to new software and storage media as updates occur. Disclosure of All that resides on the message server, on any file server, or on any individual's workstation belongs to the State of Wyoming. The State reserves the right to inspect e- mail at any time. Inspection of is limited to the following entities: State/Agency: Immediate supervisor, division management, agency director, Attorney General, including the Department of Criminal Investigation, or as otherwise statutorily authorized. The Attorney General s access to records of the Public Defender s Office may be subject to common law or statutory privilege. Non-State: Anyone with proper judicial approval Anyone requesting to see certain public records pursuant to the Public Records Act
5 1. Litigation and discovery of public records. Any public record (under the definition of public record in W.S , which specifically excludes information privileged or confidential by law) is subject to discovery requests as part of a legal proceeding. Some confidential data might also be subject to discovery, usually with a court order. Discovery can include all data in , including all archived that may pertain to the particular court case. Therefore, it is incumbent upon system users to manage their data in accordance with an approved record retention schedule. Users should purge from the system as soon as its purpose has been served. It is also incumbent upon system users, if confidential communications or information is sent by , to have a system for separating confidential or privileged information from public information. 2. Inspection of public records. Any person may inspect public records at reasonable times subject to any regulation, rule, or exception contained in or allowed by W.S through and W.S If you have questions regarding the inspection of records, contact your Assistant Attorney General. 3. Requests for . Requests to inspect documents should be referred to the agency director. The agency director or his designee should determine, with consultation of the Attorney General s Office if appropriate, if inspection is appropriate and how best to fulfill the inspection request. 4. One week backup only. Each agency may establish its own backup policy, but it is recommended that backup of systems should be for disaster recovery and should be retained no longer than one week. Any requests to inspect backup records should go through the agency director or his designee for processing. Retention of Public Records Created as 5. Types of . , like word processing, is a medium, not a record type. The records are the various documents that are created, sent, and received through the e- mail system. Records in the system should remain in that application for only a short time. documents can be non-records, time limited records, permanent/archival records, or confidential records. 6. Non-record . Non-record messages are created primarily for the communication of information which does not set policy, establish guidelines or procedures, certify a transaction, or become a receipt, and that have no enduring value. Since this type of message is informal, it could be compared to, but not limited to, personal messages, duplicate documents, telephone call notices, scheduled meetings reminders, or other temporary information. This type of message is short lived and should be deleted as soon as its purpose has been completed. 7. Time limited records created as . Time limited records are those which have a legal or administrative value, but are not permanent. records of this classification must be maintained in a usable format in accordance with the agency s retention policy. The forms in which these records are maintained may be hard copy printout, microfilm or may be electronically generated. Internal procedures and system design should protect against document alteration, identify other records related to the same subject, and provide for regular, scheduled disposition. Should a file be identified as a time limited record but not listed in the retention schedule, agencies should contact the
6 State Archives, Records Management Unit, phone for assistance in obtaining disposition authority. 8. Permanent records created as . Permanent/Archival records are those records having legal, administrative or historical value which must be retained indefinitely. These records must be preserved in a medium that can be used by future generations. Since there are no national standards for permanency of the electronic medium on which is maintained and since that medium is not considered permanent, these electronic records are not considered acceptable for permanent record storage. It is recognized that there are constant changes in technology. If or when standards for permanence of become a reality, and the medium is judged permanent, this policy will be re-evaluated and appropriate changes will be made. records appraised as permanent must be converted to paper, microfilm, or another acceptable medium for permanent record retention. 9. Preservation of sender, recipient and date information. that is identified as a record must at a minimum contain the senders, recipients, and time/date of transmission or receipt. 10. Electronic calendar records. Although not directly an e- mail function, many e- mail software packages provide calendaring capabilities. Offices using the calendaring feature to document affected agency public hearings or regulatory meetings must retain calendar records for the period of time identified in the State of Wyoming General Schedules Executive Branch or as specified by a separate retention schedule. 11. Retention schedules. If a retention schedule needs to be developed, contact the State Archives, Records Management Unit, phone for assistance. 12. Retention of digital data. Public records may include digital data such as graphics files, digital photographs, sound or wave files and video clips. If appropriate, such digital data may need to be preserved or converted to hard copy for retention purposes.
REED COLLEGE ediscovery GUIDELINES FOR PRESERVATION AND PRODUCTION OF ELECTRONIC RECORDS TABLE OF CONTENTS A. INTRODUCTION... 1 B. THE LANDSCAPE OF ELECTRONIC RECORDS SYSTEMS... 1 1. Email Infrastructure...
St. Johns River State College 3.11 Technology 3.11.1 Account Management Computer accounts are the means used to grant access to SJR STATE Information Resources. These accounts provide a means of providing
The Archbishop s Seminary Information Security Policy 1 Contents PURPOSE... 4 SCOPE... 4 POLICY STATEMENTS... 5 INFORMATION SECURITY POLICY... 5 THE SCHOOL S RIGHT TO ACCESS ITS PROPERTY... 5 THE SCHOOL
Delgado Community College Information Technology Security Policy Approved: *November 5, 2010 ) Delgado Community College IT Security Policy Page 2 *November 5, 2010 Table of Contents Title Page 1.0 Introduction
APPROPRIATE USE POLICY Heartland Community College Information Technology Version 2.0 10/01/2013 Table of Contents 1.0 INTRODUCTION... 4 2.0 DEFINITIONS... 4 2.1 Authentication... 4 2.2 Authorization...
Redland Christian Migrant Association (RCMA) Internet Security and Safety Policy I. Overview RCMA supports instruction through the use of educational and administrative computers. The responsible use of
Information Technology Security Policies Randolph College 2500 Rivermont Ave. Lynchburg, VA 24503 434-947- 8700 Revised 01/10 Page 1 Introduction Computer information systems and networks are an integral
END USER LICENSE AGREEMENT, NOTICE AND HIPAA BUSINESS ASSOCIATE AGREEMENT This End User License Agreement, Notice of Privacy Practices and HIPAA Business Associate Agreement (this "Agreement ) are by and
Pur pose The purpose of this policy is to establish direction, procedures, requirements, and responsibilities to ensure the appropriate protection of the Lisbon Public Schools computer and telecommunication
Challenges in Managing Records in the 21 st Century Prepared by the NECCC Analysis of State Records Laws Work Group NATIONAL ELECTRONIC COMMERCE COORDINATING COUNCIL Copyright 2004 by The National Electronic
Records Management Guide Records Management Office Records Management Officer Jim Mousa Building 8 Room 1207 904-620-2779 TABLE OF CONTENTS Records Management....... 3 Files Management.... 6 Electronic
Document & Records Management Policy Document and Records Management Policy 1 Document & Records Management Policy NHS England INFORMATION READER BOX Directorate Transformation & Corporate Operations Publications
Internet & Cell Phone Usage Policy The Internet usage Policy applies to all Internet & Cell phone users (individuals working for the company, including permanent full-time and part-time employees, contract
INFORMATION TECHNOLOGY User Standards and Guidelines Manual May 2010 Division of Information Technology http://www.palmbeachschools.org/it/security.asp Table of Contents 1. Introduction... 4 2. Definitions...
Montclair State University HIPAA Security Policy Effective: June 25, 2015 HIPAA Security Policy and Procedures Montclair State University is a hybrid entity and has designated Healthcare Components that
NETWORK SECURITY POLICY 1. GENERAL Henry County Board of Education (Board) provides employees appropriate electronic access, consisting of e- mail communication, network connectivity, student information
Information Technology Policies and Procedures Wakulla County School District March 2014 Table of contents TABLE OF CONTENTS... 1 1.0 OVERVIEW... 2 2.0 PURPOSE... 2 3.0 SCOPE... 2 4.0 ACCEPTABLE USE POLICY...
Hamilton College Administrative Information Systems Security Policy and Procedures Approved by the IT Committee (December 2004) Table of Contents Summary... 3 Overview... 4 Definition of Administrative
Request for Proposal (RFP) for an Applicant Tracking Solution City of Durham October 2013 Table of Contents General Information 10. Date of RFP. 20. Project Manager and Contact with City; Questions about
United Cerebral Palsy of Greater Chicago Records and Information Management Policy and Procedures Manual, December 12, 2008 I. Introduction United Cerebral Palsy of Greater Chicago ( UCP ) recognizes that
Information Security Policy The purpose of this Policy is to describe the procedures and processes in place to ensure the secure and safe use of the federation s network and its resources and to protect
Jefferson County School District Information Technology Policies and Procedures 575 S. Water Street Monticello, FL 32344 (850) 342-0100 www.jeffersonschooldistrict.org June 2014 Table of Contents 1.0 Overview...
STATE OF MARYLAND INFORMATION SECURITY POLICY Version 3.1 February 2013 TABLE OF CONTENTS SCOPE... 3 AUTHORITY... 3 RECORD OF REVISIONS... 3 SECTION 1: Preface... 5 SECTION 2: Roles and Responsibilities...
CODE OF CONDUCT Living Our Values Around The World Colgate s Code of Conduct sets forth our principles for working with each other, outside businesses, consumers, governments, local communities, and shareholders.