Supersedes Policy previously approved by TBM

Similar documents
DIRECTIVE ON RECORDS AND INFORMATION MANAGEMENT (RIM) January 12, 2018

4.2 Electronic Mail Policy

OCIO Directive on Instant Messaging. Presented by: Lori Collins Information Management Branch February 21, 2012

Records Management and Retention

RECORDS AND INFORMATION MANAGEMENT AND RETENTION

Records Retention Policy

General Disposal Authority 7

GOVERNMENT OF ONTARIO COMMON RECORDS SERIES TRANSITORY RECORDS

Policies & Regulations

CARROLL COUNTY PUBLIC SCHOOLS ADMINISTRATIVE REGULATIONS BOARD POLICY EHB: DATA/RECORDS RETENTION. I. Purpose

8/28/2017. What Is a Federal Record? What is Records Management?

Management: A Guide For Harvard Administrators

POLICY TITLE: Record Retention and Destruction POLICY NO: 277 PAGE 1 of 6

DEPARTMENT OF HOMELAND SECURITY RECORDS MANAGEMENT HANDBOOK

Privacy Breach Policy

RECORDS WWU: . WWU Archives & Records Management Tony Kurtz x3124 Rachel Thompson x6654

WHEATON COLLEGE RETENTION POLICY May 16, 2013

UTAH VALLEY UNIVERSITY Policies and Procedures

BlackBerry Usage Policy. Government of Newfoundland and Labrador (GNL)

University Policies and Procedures ELECTRONIC MAIL POLICY

Library and Archives Canada. Generic Application Guide for the Disposition Authorization for Transitory Records (DA 2016/001)

5/6/2013. Creating and preserving records that contain adequate and proper documentation of the organization.

ELECTRONIC MAIL POLICY

Ashford Board of Education Ashford, Connecticut POLICY REGARDING RETENTION OF ELECTRONIC RECORDS AND INFORMATION

Records Management at MSU. Hillary Gatlin University Archives and Historical Collections January 27, 2017

Record Keeping Best Practice. Distinguish between University and Non-University Records

RECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES

Employee Security Awareness Training Program

Springfield, Illinois Police Department

Managing Official Electronic Records Guidelines

Southington Public Schools

COUNTY OF RIVERSIDE, CALIFORNIA BOARD OF SUPERVISORS POLICY. ELECTRONIC MEDIA AND USE POLICY A-50 1 of 9

Checklist: Credit Union Information Security and Privacy Policies

Records Information Management

SPRING-FORD AREA SCHOOL DISTRICT

UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY October 25, 2017

Policy. Sensitive Information. Credit Card, Social Security, Employee, and Customer Data Version 3.4

Archive and Records Management Policy

Records Retention 101 for Local Government Agencies. Overview

Managing and Electronic Records: A Transition Priority

RPR CRITERIA AND FORMATS

UCL Policy on Electronic Mail ( )

Acceptable Use Policy

Information Security Data Classification Procedure

THE SLAC ARCHIVES AND HISTORY OFFICE PURPOSE

The City of Mississauga may install Closed Circuit Television (CCTV) Traffic Monitoring System cameras within the Municipal Road Allowance.

DATA STEWARDSHIP STANDARDS

Farmingdale State College Records Management Training PRESENTED BY DOROTHY HUGHES INTERNAL CONTROL OFFICER AND RECORDS MANAGEMENT OFFICER

Freedom of Information and Protection of Privacy (FOIPOP)

Local Government Management Association

RECORDS MANAGEMENT AND YOU

Responsible Officer Approved by

Privacy Policy on the Responsibilities of Third Party Service Providers

Records Management - Part 1. Records Retention Folders

Managing your Office's Records at CFTC

POLICY AND PROCEDURE Electronic Mail Retention Guidelines

POLICIES AND PROCEDURES

Request the Creation and Changes to Security Access Groups

UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY September 20, 2017

Learning Management System - Privacy Policy

RI AND RF CRITERIA AND FORMATS

Management Guidelines - Roadmap LIBRARY AND ARCHIVES CANADA GOVERNMENT RECORDS BRANCH

Clearing Out Legacy Electronic Records

Protecting Personally Identifiable Information (PII) Privacy Act Training for Housing Counselors

Acceptable Use Policy

Policies and Procedures

Information Security Policy

Common approaches to management. Presented at the annual conference of the Archives Association of British Columbia, Victoria, B.C.

CREATE YOUR RECORDS RETENTION AND DISPOSITION SCHEDULE. Tweet about this session at #MMLConference

Cleveland State University General Policy for University Information and Technology Resources

Best Practices for Organizing Electronic Records

GUIDELINES. Effective date: April 2018 Contact: United Nations Archives and Records Management Section: Review date: April 2020

Introduction to SURE

Gramm Leach Bliley Act 15 U.S.C GLBA/HIPAA Information Security Program Committee GLBA, Safeguards Rule Training, Rev.

TELEPHONE AND MOBILE USE POLICY

ELECTRONIC RECORDS MANAGEMENT

Violations of any portion of this policy may be subject to disciplinary action up to and including termination of employment.

PCA Staff guide: Information Security Code of Practice (ISCoP)

Information Security Management Criteria for Our Business Partners

UNIVERSITY ARCHIVES RECORDS RETENTION SCHEDULE

Australian Standard. Records Management. Part 2: Guidelines AS ISO ISO TR

County of Sacramento

1997 Minna Laws Chap. February 1, The Honorable Jesse Ventura Governor 130 State Capitol Building

Data Governance Framework

MANUAL OF UNIVERSITY POLICIES PROCEDURES AND GUIDELINES. Applies to: faculty staff students student employees visitors contractors

The Apple Store, Coombe Lodge, Blagdon BS40 7RG,

Cloud Computing Standard 1.1 INTRODUCTION 2.1 PURPOSE. Effective Date: July 28, 2015

TRICARE Operations Manual M, April 1, 2015 Records Management (RM) Chapter 9 Section 1

Administrative Policies and Procedures

Building Information Modeling and Digital Data Exhibit

Internet, , Social Networking, Mobile Device, and Electronic Communication Policy

Virginia Commonwealth University School of Medicine Information Security Standard

Oracle Data Cloud ( ODC ) Inbound Security Policies

Access Control Policy

Information technology security and system integrity policy.

Records Retention Training

Architecture and Standards Development Lifecycle

ACCEPTABLE USE ISO INFORMATION SECURITY POLICY. Author: Owner: Organisation: Document No: Version No: 1.0 Date: 10 th January 2010

Computer Security Incident Response Plan. Date of Approval: 23-FEB-2014

Policy. London School of Economics & Political Science. Remote Access Policy. IT Services. Jethro Perkins. Information Security Manager.

Transcription:

Document Title: Email Policy Pages Document Type: Policy 6 No. Of Scope: Government of Newfoundland and Labrador (GNL) Trim # DOC15481/2009 Revision ( # ) 27 Treasury Board Approval ( # ) TBM2009-298 Supersedes Email Policy previously approved by TBM 2006-157 2009-02-03 2009-10-08 2018-02-19 Application and Information Management Services Office of the Chief Information Officer Secretary Date Created TB Approval Date Date of last review Lead Branch - Name Department Treasury Board Approval

Table of Contents 1.0 Introduction... 3 2.0 Purpose... 3 3.0 Scope... 3 4.0 Definition and Acronyms... 3 4.1 Email as a government record... 4 4.2 Email as a transitory or non-record... 4 4.3 Management and Retention of E-mail... 5 4.4 Responsibilities of records creators... 5 4.5 Public body responsibilities... 6 5.0 Approval Process... 6 6.0 Change Process... 6 7.0 References... 7 Page 2 of 7

1.0 Introduction Under the Management of Information Act, the Office of the Chief Information Officer (OCIO) has authority for developing and leading the implementation of IM policy and standards for Government; and for providing consultation and advisory services in IM to Government. The Rooms Provincial Archives is mandated, through the Rooms Act, to preserve those records of the Government of Newfoundland and Labrador which are deemed to have enduring legal, fiscal, evidential, or research value. Such records are to be preserved regardless of their physical form or characteristics. Electronic records, like their paper counterparts, need to be recorded, captured in a form which ensures their authenticity and integrity, and made accessible. Electronic records need to provide the same evidence of business activity and the same level of accountability as paper records. Electronic records must also be able to meet the immediate and future needs of organizations, individuals and society. Email, as part of this group of electronic records, needs proper management through appropriate policies and procedures, as well as monitoring and compliance tools. 2.0 Purpose This policy addresses those email messages which are considered to be government records as defined by the Management of Information Act making them subject to the same management principles as government records in paper format. The policy will promote the effective capture, management, and retention of email messages which are government records, in compliance with information management retention requirements. 3.0 Scope This policy applies to all government departments and public bodies as defined under the Management of Information Act. This policy includes management of email regardless of method of access and use (i.e., use of e-mail via desktop and any wireless mobile devices). 4.0 Definition and Acronyms Email is defined as messages, including attachments sent and received electronically between personal computers or terminals linked by communications facilities. This includes address information (to, from, cc, bc, subject and date) and the message content. Page 3 of 7

4.1 Email as a government record Government of Newfoundland and Labrador Email Policy The Management of Information Act defines a government record as any record created by or received by a public body in the conduct of its affairs and includes a cabinet record, transitory record and an abandoned record. Thus, email is a government record when it is created or received in connection with the transaction of Government business. For example, when it records official decisions; communicates decisions about policies, programs and program delivery; or contains background information used to develop other Government documents. Government records may not be destroyed without the authorization of the Government Records Committee, as outlined in the Management of Information Act. When an email is a government record it is subject to legislation such as the Management of Information Act, the Rooms Act, and the Access to Information and Protection of Privacy Act, 2015, and to legal processes such as discovery and subpoena. Any information transmitted via e-mail and classed as a government record, shall be treated in the same manner as any other important records, in any medium, received or created by a public body. Such records shall be captured into records management systems. As well, electronic messages captured into a records management system are subject to the provisions of the Management of Information Act, and shall be scheduled for disposal or retention, as approved by the Government Records Committee, according to the class of records to which they belong. 4.2 Email as a transitory or non-record Not all messages sent and received via e-mail are government records as defined by the Management of Information Act; therefore not all messages are subject to the provisions in the Act. The Act defines a transitory record as a government record of temporary usefulness in any format or medium having no ongoing value beyond an immediate and minor transaction or the preparation of a subsequent record. Transitory records include: Copies of convenience or reference Personal messages Messages that convey a minor or administrative action (e.g., I will attend the meeting) Messages that contain content encapsulated in another record (e.g. exchange of draft documents between collaborators, the content of which is contained in a final report) Existing transitory records are still discoverable as evidence of Government of Newfoundland and Labrador business activities and are subject to ATIPPA, 2015 requirements. Retention of transitory records may compound significantly the discovery process as information that should have been destroyed must be processed to the same Page 4 of 7

standard as other government records in the event of an ATIPP request, audit, inquiry, litigation, etc. Transitory records must be deleted when no longer of value and this may be done without a records retention and disposal schedule. The employment of appropriate information management principles will ensure that records are kept or destroyed as a routine part of business. If there is doubt about whether a particular type of e-mail is a government record or not, advice should be sought from a Records/Information Management representative in the public body or the Information Management Services Division in the Office of the Chief Information Officer. 4.3 Management and Retention of E-mail Electronic messages should not be isolated from records and information management systems in the public body. A records management system consists of a set of classifications of records by type and function, sometimes known as records series, and a set of retention periods attached to each type of record. It also includes decisions regarding the final disposition of records, specifically whether, at the end of their life span, they are destroyed or transferred to the Rooms Provincial Archives for permanent retention. 4.4 Responsibilities of records creators: Email messages, and/or attachments required as evidence of a public body s business activity (i.e. those that are considered official government records), shall be captured using one of the following options. The appropriate procedure(s) is to be determined by the public body. 1. Save the email into an Electronic Document Management System (EDMS) designed specifically for the purpose of managing electronic records; OR 2. Print the message and any applicable attachments to paper and incorporate into the public body s paper records management system; OR 3. Save the message and/or its attachment(s) in a directory outside the email system, which is a part of the public body s official records system (e.g., local area network directory); OR 4. Transmit the message electronically to a central records repository or other appointed representative for incorporation into the public body s records management system It is undesirable and unnecessary to maintain both electronic and paper copies of emails. Management of email accounts: Individual email users are responsible for managing their own email accounts. In addition to the requirements outlined above, email users must keep all login names and passwords confidential in order to protect the security of their records. Page 5 of 7

Use of e-mail system: Government s email system is reserved for official Government business, and should not be used for personal purposes. Use of government email for personal financial gain is prohibited. Advertisements which are not work-related are inappropriate and should not be transmitted. The sharing of proprietary software or other copyrighted materials and the distribution of chain letters or other junk mail is also unacceptable. Broadcast messages to all users are not permitted except for official Government purposes, through official designates (for example, Communications staff circulating notices on behalf of a department). Email accounts on the government e-mail system are the property of the government and subject to government inspection and review. Email security: Any email sent outside the government e-mail system is not secure. Therefore, users should be cautious about the type of message they send outside the Government mail system. Confidential information should not be sent via email outside the Government mail system. 4.5 Public body responsibilities Public bodies are responsible for ensuring that employees are trained in policies and procedures regarding email use and management. This training can be facilitated through the OCIO. When an employee is no longer attached to Government it is the responsibility of the Human Resource Division, in cooperation with the employee s immediate supervisor, to notify OCIO personnel. This will ensure the termination of an employee s email account upon departure. 5.0 Approval Process Government Records Committee Treasury Board - TBM2009-298 6.0 Change Process This policy will be changed as necessary in order to appropriately reflect current software and media standards and email usage. Page 6 of 7

7.0 References Email Guidelines Instant Messaging Directive Use of Non-Government Email for Work Purposes Acceptable Use Directive Page 7 of 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback