840 Use of Electronic Mail

The University provides electronic mail resources to support the educational and administrative activities of the University and serve as a means of official communication by and between users and the University in its work of teaching, scholarly research, and public service. This administrative policy statement sets forth the University’s policy with regard to use of, access to, and disclosure of electronic mail to assist in ensuring that the University’s resources serve those purposes. This policy applies to all faculty, staff, students, and other affiliated classes of individuals, including alumni and official visitors, who use the Indiana State University network and systems - including electronic mail.

Indiana State University will make reasonable efforts to maintain the integrity and effective operation of its electronic mail systems, but users are advised that these systems should in no way be regarded as a secure medium for the communication of sensitive or confidential information. Because of the nature and technology of electronic communication, ISU can assure neither the privacy of an individual user’s use of the University’s electronic mail resources nor the confidentiality of particular messages that may be created, transmitted, received, or stored.

• 840.2.1 Public Records. In addition, Indiana law provides that communications of University personnel that are sent by electronic mail may constitute “correspondence” and, therefore, may be considered public records subject to public inspection under the Access to Public Records Act (IC 5-14-3-3).

• 840.3.1  Authorized Users. Only ISU faculty, staff, and students and other persons who have received permission from the appropriate University authority are authorized users of the University’s electronic mail systems and resources.
• 840.3.2 Purpose of Use. The use of any University resources for electronic mail must be related to University business, including academic pursuit. Incidental and occasional personal use of electronic mail may occur when such use does not generate a direct cost for the University. Any such incidental and occasional use of University electronic mail resources for personal purposes is subject to the provisions of this policy.
• 840.3.3 Acceptable Use. All uses of ISU email are subject to the provisions of Policy 810 Acceptable Use of Information Technology, and email users are required to be familiar with this policy.

Use of Electronic Mail is prohibited as follows:

1. Personal use that creates a direct cost for the University.
2. Use for personal gain or for a commercial purpose that is not directly related to University business.
3. Use for political or lobbying activities.
4. Use to create or maintain a false alias email address to impersonate someone or send fraudulent or harmful communications.

Other prohibited uses of electronic mail include, but are not limited to:

1. Use of email  in violation of copyright laws.
2. Capture and “opening” of electronic mail except as required in order for authorized employees to diagnose and correct delivery problems.
3. Use of electronic mail to harass or intimidate others or to interfere with the ability of others to conduct University business.
4. Use of electronic mail systems for any purpose restricted or prohibited by laws or regulations.
5. “Spoofing” - which is defined as constructing an electronic mail communication so it appears to be from someone else.
6. “Spam” - which is defined as  -  mass sending of unsolicited electronic mail.
7. Attempting unauthorized access to electronic mail or attempting to breach any security measures on any electronic mail system, or attempting to intercept any electronic mail transmissions without proper authorization.

• 840.6.1 Access and Disclosure. To the extent permitted by law, the University reserves the right to access, inspect and disclose the contents of faculty, staff, student, and other users' electronic mail without the consent of the user. The University will do so when it believes it has a legitimate business interest and only after explicit authorization is obtained from the appropriate University authority.
• 840.6.2 Faculty, Staff and Non-student Email. Faculty, staff, and other non-student users are advised that the University’s electronic mail systems should be treated like a shared filing system, with the expectation that communications sent or received on University business or with the use of University resources may be made available for review by any authorized University official for purposes related to University business. Email services are provided only to staff and faculty while the user is employed by the University or otherwise retains an affiliation with the University in which ISU email access is necessary.  When a user’s electronic services and computing privileges are terminated, the former employees may no longer access the contents of their mailboxes and are prohibited from exporting their mailbox to a personal account before departure.
• 840.6.3 Student Email. Electronic mail of students may constitute “education records” subject to the provisions of the Family Educational Rights and Privacy Act of 1974 (FERPA). The University may access, inspect, and disclose such records under conditions that are set forth in the statute. Email services are provided only while a student is enrolled in the University and once a student’s electronic services and computing privileges are terminated, students may no longer access the contents of their email boxes.
• 840.6.4 Use of Encryption Devices. Any user of the University’s electronic mail resources who makes use of an encryption device to restrict or inhibit access to their electronic mail must provide access to such encrypted communications when requested to do so under appropriate University authority.
• 840.6.5 Monitoring of Communications. The University will not monitor electronic mail as a routine matter but it may do so to the extent permitted by law as the University deems necessary for purposes of maintaining the integrity and effective operation of the University’s electronic mail systems.
• 840.6.6 Inspection and Disclosure of Communications. The University reserves the right to inspect and disclose the contents of electronic mail:
  1. in the course of an investigation triggered by indications of misconduct or misuse,
  2. as needed to protect health and safety,
  3. as needed to prevent interference with the academic mission, or
  4. as needed to locate substantive information required for University business that is not more readily available by some other means.
  5. in accordance with 840.2.5.1.
     • 840.6.6.1 No Other Means. The University may inspect and disclose the contents of electronic mail when such action is not more readily available by some other means.
• 840.6.7 Limitations on Disclosure and Use of Information Obtained by Means of Access or Monitoring. The contents of electronic mail communications, properly obtained for University purposes, may be disclosed without permission of the user. The University will attempt to refrain from disclosure of particular communications if disclosure appears likely to create personal embarrassment, unless such disclosure is required to serve a business purpose or satisfy a legal obligation.
• 840.6.8 Special Procedures to Approve Access to, Disclosure of, or Use of Electronic Mail. Individuals needing to access the electronic mail communications of others, to use information gained from such access, and/or to disclose information from such access and who do not have the prior consent of the user must obtain approval in advance of such activity from either the Chief Information Officer, the Provost or the President.

Appropriate disciplinary action will be taken against individuals found to have engaged in prohibited use of the University’s electronic mail resources.

• 840.8.1 Public Inspection of Electronic Mail. Communications of University employees in the form of electronic mail may constitute “correspondence” and therefore may be a public record subject to public inspection under the Indiana Access to Public Records Act (IC 5-14-3-3).
• 840.8.2 Retention and Archiving of Electronic Mail. Electronic mail messages produced or stored using University resources will be subject to such retention and archiving requirements as may be established by appropriate University authorities.

Employees shall not forward ISU email to a personal account.  Use of a non-ISU email account for ISU business, including interactions with current students as a part of academic correspondence, is a violation of this policy.