REG - 70.00.5 Electronic Mail (E-mail) Regulation
- ISO 27002
- NC Statewide Information Security Manual
- NCCU POL 01.04.3 (Free Speech and Free Expression Policy)
- NCCU REG 01.04.2 (University Record Retention and Disposition Schedule Regulation)
- NCCU REG 01.04.3 (Public Records Request Regulation)
- NCCU REG 70.00.2 (Data and Information Regulation)
- NCCU REG 70.00.4 (Responsible Use Regulation)
- NCCU REG 80.06.7 (Faculty and Non-Faculty EHRA Employees Conflicts of Interest and Commitment Regulation)
1. Purpose
This regulation establishes the requirements for sending electronic mail (e-mail) and/or using the e-mail systems at North Carolina Central University (“NCCU” or “University”) for both business and personal use.
2. Scope
The regulation applies to all e-mail systems and services provided or owned by NCCU and all users.
3. Acceptable Use of E-mail
3.1 E-mail is an approved medium for communicating with students, faculty, staff, and individuals outside of the campus community designed to support the teaching, learning, instructional, research, administrative services, and other activities of NCCU. E-mail users at NCCU have the responsibility to use e-mail in an efficient, effective, ethical, and lawful manner, and in accordance with applicable University policies, regulations, and rules. E-mail users are expected to follow the same expectations as would apply in any other form of written or face-to-face communication. NCCU e-mail users transmitting sensitive or confidential information, as defined in the NCCU REG 70.00.2 (Data and Information Regulation), are required to use encryption. (Data encryption instructions are located in the ITS Knowledge Base at this link: https://nccu.teamdynamix.com/TDClient/KB/ArticleDet?ID=74268).
3.2 E-mail users are advised to take care when opening attachments, clicking on links, or following suspicious instructions in emails accessed through the NCCU e-mail system. Users should report all suspicious e-mails to the Information Security Office in the Department of Information Technology Services at [email protected].
3.3 To obtain e-mail related to University business, a supervisor or other University official may have access to a user’s University email for work-related purposes, provided that the owner of the data is not available to produce the data and authorization to access another’s system has been expressly approved in advance by the employee’s immediate supervisor, next-level supervisor or administrative head of that division in accordance with applicable University processes.
3.4 E-mail activities that violate NCCU REG 70.00.4 (Responsible Use Regulation) are prohibited. This includes activities that cause harm or damage to University resources. E-mail users will exercise care to ensure accuracy of content and recipient(s) of messages. Specific prohibited activities include but are not limited to the following:
3.4.1 Concealment or misrepresentation of yourself in e-mail messages;
3.4.2 Alteration of source or destination address of e-mail;
3.4.3 Use of e-mail for commercial, private, or not-for-profit business purposes;
3.4.4 Use of e-mail for organized political activity or political solicitation;
3.4.5 Use of e-mail to transmit communications of unlawful harassment or threats, or that defames other individuals;
3.4.6 Sending frivolous or excessive messages, including junk mail, spamming, chain letters, and other types of unsolicited messages;
4. Mass E-mail
4.1 Only the following individuals or their designee are authorized to send campus-wide e-mails:
4.1.1 Chancellor;
4.1.2 Provost and Vice Chancellor for Academic Affairs;
4.1.3 Vice Chancellor for Administration & Finance;
4.1.4 Vice Chancellor for Student Affairs;
4.1.5 Vice Chancellor for Institutional Advancement;
4.1.6 Chief of Police;
4.1.7 Chief Information Officer;
4.1.8 Associate Vice Chancellor for Communications and Marketing; and
4.1.9 Chief Human Resources Officer.
4.2 Designees of these officials must be documented with approval from the appropriate senior level administrator and Associate Vice Chancellor for Communications & Marketing. Appropriate campus-wide e-mail messages from the Office of Communications & Marketing must:
4.2.1 Alert the campus community to an emergency situation on campus;
4.2.2 Provide information about situations that would substantially alter the normal operation of the university (for example, weather-related class delays or closings, and special university-wide events);
4.2.3 Contain information relating to academic or campus community life that is important to significant portions of the faculty, staff, administration and students (for example, registration and financial aid deadlines, news and events, etc.); or
4.2.4 Contain information that the Chancellor and/or appropriate Vice Chancellor judge to be critical and time sensitive for the campus community.
5. E-mail Disclaimer Instructions
5.1 All users of the NCCU e-mail system who choose to use an email disclaimer must use the standard disclaimer provided below:
CONFIDENTIALITY NOTICE: This communication and any attachments may contain confidential and/or legally privileged information. It is solely for the use of the intended recipient(s). Unauthorized interception, review, use or disclosure is prohibited and may violate applicable laws. If you are not the intended recipient, please contact the sender and destroy all copies of the communication.
6. Retention and Public Records of E-mail
6.1 E-mail will be retained in accordance with NCCU REG 01.04.2 (University Record Retention and Disposition Schedule Regulation).
6.2 In general, e-mail is considered a public record and subject to applicable state law and NCCU policies and regulations, including NCCU REG 01.04.3 (Public Records Requests Regulation).
7. Violations and Enforcement
7.1 E-mail systems are subject to NCCU REG 70.00.4 (NCCU Responsible Use Regulation).
7.2 NCCU reserves the right to intercept, monitor, review, and/or disclose any and all messages composed, sent or received on the University e-mail system. Employees designated to review messages may include, but are not limited to, an employee's supervisor or manager and/or representatives from the Department of Human Resources, Office of Legal Affairs, Division of Information Technology Services, and/or the University Police Department.
7.3 NCCU reserves the right to re-route or block the delivery of messages as appropriate. This includes but is not limited to:
7.3.1 Rejecting, quarantining, or removing attachments and/or malicious code from messages that may pose a threat to University resources;
7.3.2 Discarding large attachments, that are considered to be of little business value and involve a significant resource cost;
7.3.3 Rejecting or quarantining messages with suspicious content;
7.3.4 Rejecting or quarantining messages containing unlawful harassment or true threats; and
7.3.5 Re-routing messages with suspicious content to designated University employees for manual review.