m acta I. PURPOSE The Information Systems (IS) Department is responsible for development and maintenance of this policy. The Finance and Administration Division is responsible for publishing and distributing this policy. Each employee is responsible for exercising good business judgment in their use of Orange County Transportation Authority (OCTA) provided electronic mail services. II. III. ORGANIZATIONAL UNITS AFFECTED This policy applies to all OCT A employees. POLICY It is the policy of OCTA that electronic messaging systems, including but not limited to, e-mail and instant messaging are to be used for business purposes. E-mails are subject to the Public Records Act; and therefore, subject to disclosure to the public. IV. DEFINITIONS Not applicable. V. PROCEDURE A. OCT A provides electronic messaging resources to assist in conducting OCT A business. B. All messages composed, sent or received by any person using OCTA provided equipment are stored in the company provided electronic messaging systems, and are the sole property of OCT A. C. Upon separation from OCTA, all access to electronic messaging resources, including the ability to download, forward, print or retrieve any message stored in the system, regardless of sender or recipient will be denied. D. If deemed necessary for business needs, an employee will be assigned a unique e-mail address that is to be used while conducting OCTA business via e-mail. E-mail signature blocks may only contain pertinent sender contact information. Phrases, quotes, graphics and displays above and below the signature block are not an allowable practice at OCT A. FA-IS-380.0SELECMAIL CEO.doem (12/14/10) Page 1 of S
Policy#: EO-IS-380.05ELECMAIL Origination Date: 08/17/1994 Revised Date: 10/13/2010 E. OCTA reserves the right to intercept, monitor, review and/or disclose any and all messages composed, sent or received by OCTA property. The interception, monitoring and reviewing of messages may be performed with the assistance of content filtering software, or by designated company employees and/or designated external entities. Employees designated to review messages may include, but are not limited to, Mail Administrator, an employee's supervisor or manager and/or representatives from Human Resources, Labor/Employee Relations, legal counsel, and Internal Audit. F. OCTA reserves the right to alter, modify, re-route or block the delivery of messages as appropriate. G. The unique e-mail addresses and/or instant messaging identifiers assigned to an employee are the property of OCT A. Employees may use these identifiers only while employed by OCTA. The right to use these identifiers terminates upon separation from OCT A service. H. Employees are prohibited from disabling anti-virus software running on OCTA provided computer equipment. I. OCT A sets a global mailbox size on all OCTA mailboxes. It is the responsibility of each employee to perform regular housekeeping of their mailboxes. J. OCTA employs certain practices and procedures in order to maintain the health and efficiency of electronic messaging resources, to achieve OCTA business objectives and to meet various regulations. 1. OCTA treats electronic messages as a business record. As with any business record, established practices and procedures for the safekeeping, retention, and ultimate destruction of the business record must be followed. 2. OCTA archives and retains copies of all internal and external electronic messages on a daily basis. 3. Electronic mail generates correspondence, some of which may be official records in need of protection/retention. It is the responsibility of staff to determine if an e-mail message is covered within the scope of a record series on their department records retention schedule. It is also the responsibility of the department staff to provide appropriate storage arrangement for any messages which must be retained. Retention of records can occur by printing out the message or moving the message to an external storage file. K. While electronic messaging resources allow employees to conduct company business efficiently, use of e-mail comes with some inherent risks. All employees should be aware of these risks and take precautions as well as exercise good business judgment to mitigate them: FA-IS-380.0SELECMAIL CEO.doem (12114/10) Page 2 of S
1. Electronic messages are legally discoverable and permissible as evidence in a court of law. 2. Messages sent electronically can be intercepted inside or outside OCTA and as such there should never be an expectation of confidentiality. Do not disclose proprietary or confidential information through e-mail messages. Confidential messages should be communicated in person and in private, and adhere to any and all policies and procedures which may apply. 3. Use caution and good business judgment in determining whether a message should be delivered electronically instead of in person. Time sensitive communications such as requests for services which require immediate attention should be tendered in person or through other verifiable means. There is not provision within the e-mail system for guaranteeing that a time sensitive message will be read by the intended receiver in a timely manner. 4. Electronic messages are frequently inadequate in conveying mood and context. Use good business judgment to carefully consider how the recipient might interpret a message before composing or sending it. Employees should always compose their messages in a courteous and respectful manner. Language which is insulting, offensive, disrespectful, demeaning, or sexually suggestive, or which contains sexual or ethnic slurs, obscenities or any representation of obscenities, could constitute harassment and will not be tolerated. 5. Even though OCTA employs up to date anti-virus software, some virus infected messages may enter OCT A's messaging systems. Viruses, "worms" and other malicious code can spread quickly if appropriate precautions are not taken: a. Be suspicious of messages sent by people not known by you. b. Do not open attachments unless they were anticipated by you. c. Disable features in electronic messaging programs that automatically preview messages before opening them. 6. Chain letters should be deleted, not forwarded. 7. OCTA considers unsolicited commercial e-mail (spam) a nuisance and potential security risk. Do not attempt to remove yourself from future delivery of a message that you determine is spam. These "Remove Me" links often are authors of spam as a means to verify active e-mail accounts. Attempting to remove an e-mail address may result in increased spam. If you receive such spam repeatedly, please contact the IS Help Desk. 8. Internet message boards can be a source from which mass junk e-mailers harvest e-mail addresses and e-mail domains. Do not use OCTA provided e-mail addresses when posting to message boards or non-related business sites. FA-IS-380.0SELECMAIL CEO.doem (12/14/10) Page 3 of 5
9. Training on the electronic messaging system is administered jointly by the IS Department and the Training Department. An initial, brief training on the system is presented to new employees during their orientation session. Thereafter, regular training classes are offered to all employees on the electronic messaging system in line with the acta Training Program. 10. For the purposes of this policy, which is applicable to all acta employees, a global message is defined as any message which is distributed to all employees who are on the OCTAin Network. 11. All electronic mail messages are official acta records. Therefore, messages disbursed through the global option of the electronic messaging system should be those which are involved in acta business activities or contain information - essential to all acta employees. 12. The use of the global messaging option on electronic mail is restricted, but not limited to the following: a. Communications from the CEO b. Administrative communications; any business related events, changes, or projects which will have an impact on groups of acta employees or which the employees should be informed of, including: (1) Policy or procedural changes or additions/deletions that affect all acta employees (2) acta business actions which affect all acta employees (3) Regular or special meetings intended for all employees (4) Employee security (5) Human Resources communications relaying specific information about employee benefits such as deferred benefits, retirement benefits, or health care benefits as approved by the Executive Director of Finance and Administration. (6) Information systems communication (7) Communications including but not limited to training, global equipment downtime, virus warnings and network maintenance (8) Announcements about new hires and promotions c. Any messages which do not fall into these categories may not be disbursed through the global messaging option, unless approved by the requesting Executive Director. d. Global messages will only be distributed by the Executive Director approved departmental staff or by the IS Help Desk. FA IS-380.05ELECMAIL CEO.doem (12/14/10) Page 4 015
Policy#: EO-IS-380.05ELECMAIL Origination Date: 08/17/1994 Revised Date: 10/13/2010 VI. EXCEPTIONS OCTA reserves the right to revise this policy, at any time, including its practices and process. Policy revisions shall be disseminated to all affected employees upon approval of the Chief r. Electronic mail is provided for the purpose of conducting OCTA business. Subject to the restrictions in this policy and if permitted by the employee's supervisor, some occasional and limited personal use of electronic messaging is allowed so long as it does not interfere with the performance of the employee's OCT A duties and does not result in any additional expense to OCT A. However, electronic mail shall not be used for email chain letters, for religious or political advocacy, for excessive personal communications, for personal financial gain, to seek outside employment, for any purpose that could reasonably be viewed as abusive, harassing, hostile or intimidating to OCTA customers or employees, to access entertainment or sexually explicit sites, or for any use otherwise prohibited by law. OCTA reserves the right to monitor and review all records of usage by OCT A employees of any OCT A assets. No use of OCT A electronic mail, or use of any other OCTA asset shall be private to the employee, and no OCTA employee shall be given any basis for an expectation of privacy in any such use. VII. PROVISIONS AND CONDITIONS A. OCTA prohibits discrimination based on age, race, gender, sexual orientation, religion or other protected status. Use of electronic messaging resources to discriminate for any or all of the aforementioned reasons is prohibited. B. Any employee who discovers a violation of this policy should immediately notify a supervisor or manager. C. Any employee in violation of this policy is subject to disciplinary action, up to an including, termination. VIII. RELATED DOCUMENTS Not applicable. END OF POLICY FA-IS-380.05ELECMAIL CEO.doem (12/14/10) Page 5 015