Follow these simple guidelines from our friends at IT Donut to implement an IT policy
1 – Get samples of email policies and email disclaimers (for example, by searching on the Internet).
2 – Set up an individual password-protected account for each employee and any general addresses (eg [email protected]).
3 – Establish who is responsible for each account and how incoming emails will be handled when an employee is absent.
4 – Establish security procedures and systems, such as password control, encryption and virus-checking software.
5 – Encourage appropriate business use of email.
6 – Specify what use of email is prohibited; ban the use of email for sending or receiving offensive material or engaging in illegal activities.
7 – Set limits on personal use of email: for example, prohibiting transmitting large attachments or joining busy mailing lists.
8 – Set up personalised signatures for outgoing e-mails including key company information (your company’s registered name, place of registration, registration number; and address of its registered office)..
9 – Set up a standard disclaimer; consider whether you want to include a disclaimer of any contractual significance for emails.
10 – Establish rules on sending confidential and personal information; check that these meet the requirements of data protection regulations.
11 – Set a standard response time for replying to emails.
12 – Let employees know how emails are monitored and stored; ensure that any monitoring complies with legal restrictions protecting privacy.
13 – Communicate the policy to all staff and provide appropriate training in effective use of email and the legal issues.
14 – Clarify the disciplinary consequences of breaching the policy, and consistently enforce the policy.
Set up IT systems in a way which helps support the policy
Encourage appropriate use
Clearly explain prohibited use
Think about data protection
Read employees’ emails unnecessarily and illegally
Ignore breaches of the policy
Source IT Donut