E-Mail Policy

PURPOSE

Shepherd University provides students, faculty, staff, and certain affiliates with e-mail addresses which are to be utilized for legitimate university-related activities and communication. E-mail is considered an IT resource and is subject to the provisions of this policy, as well as other IT related policies.

POLICY

Shepherd University IT Services is the owner of e-mail and directory information and provides creation, management and distribution of official Shepherd University e-mail accounts. To the extent a user forwards the content of a Shepherd University e-mail account to another e-mail address (e.g. personal gmail), the user assumes all responsibilities for the consequences of delivery beyond the Shepherd University e-mail service domains. The forwarded content, however, remains subject to applicable public records laws and related Shepherd University policies.

All existing policies, standards, and regulations that apply to other forms of communication at Shepherd University also apply to e-mail. Additionally, the following specific actions pertaining to the use of e-mail accounts and services of Shepherd University are considered a violation of this policy:

1. Misrepresentation or concealment of names or affiliations in e-mail messages.
2. Alteration of the source or destination address of an e-mail.
3. Use of Shepherd University e-mail services for any unauthorized commercial/personal business or organized political activity that is inconsistent with Shepherd University tax-exempt status or serves as a conflict of interest.
4. Any use of e-mail to harass, intimidate, or threaten to cause emotional/physical harm to person(s) and/or damage to property, including deliberately sending frivolous or excessive e-mails (e.g. phishing or spam).
5. Use of large attachments that exceed standards, as an attempt to disrupt or alter Shepherd University e-mail services.

The use of e-mail, as well as information assets and IT resources, is a privilege and not a right. Shepherd University e-mail services are considered as an official means for communicating Shepherd University business and may be the sole means of communication to users. Students, faculty, staff, and affiliates are presumed to read and understand all official Shepherd University e-mail messages sent to their university e-mail account. Usage of listservs are encouraged to manage distribution of e-mails to the large amount of users. Mass emergency e-mails, such as RAVE, will follow the campus emergency notification process.

PRIVACY, OPERATIONS, and MONITORING

Users are reminded that any e-mail sent from a Shepherd University account or residing on any Shepherd University e-mail services/systems may be considered as public record(s) and subject to disclosure. Shepherd University seeks to maintain its IT environment and manage all information assets including data, computing devices, systems technology, telephony, and IT resources in a manner that respects individual privacy and promotes user trust. However, the use of Shepherd University IT resources is not completely private, and users should have no expectation of privacy in connection with the use of any information asset or IT resource.

Shepherd University has the legal right to access, preserve, and review all information stored on or transmitted through any information asset or IT resource, including the inspection of e-mail messages, logging of activities, monitoring usage patterns, and data audits/integrity checks. IT Services may, with or without notice to users, take any other action it deems necessary to preserve, secure, and protect systems, information assets, or IT resources for the betterment of Shepherd University. Without limiting its right to take action, Shepherd University may, in it’s sole discretion, disclose the results of any general or individual monitoring or access permitted by this policy, including the contents and records of individual communications, to appropriate Shepherd University personnel and/or law enforcement agencies.

SCOPE of AFFECTED PARTIES

This policy applies to all users, such as students, faculty, and staff of Shepherd University and to other persons accessing Shepherd University information assets and/or IT resources including but not limited to authorized agents or community members, regardless of whether such information asset or IT resource is accessed from on-campus or off-campus.

ACCOUNTS

FACULTY and STAFF
E-mail services are available for faculty and staff to conduct and communicate official University business. Incidental personal use of e-mail is allowed with the understanding that the primary use be job-specific, and that occasional use does not adversely affect work responsibilities of the user or the performance of IT information assets or resources. With the exception of retired Emeritus Faculty, e-mail services are provided only while a user is employed by the university. Once a user’s employment ceases, either voluntarily or involuntarily, their email is disabled, preventing them from accessing the contents contained within e-mail mailboxes. If a departing employee needs to gain access to their previous e-mail account/mailbox contents, accommodations will need to be approved by a designee of the Executive Leadership Team in writing.

STUDENTS
E-mail services are available for students to support learning, research, and to serve as formal communication by and between themselves and Shepherd University. Access to e-mail services will remain active as long as a student is actively enrolled in classes, but student email accounts will be disabled 3 months after their last enrolled semester. This allotted time is intended to provide adequate time for transferring e-mail and other content to a personal e-mail service.

AFFILIATES and OTHERS
Individuals with special affiliations with Shepherd University are granted limited e-mail privileges, commensurate with the nature of their special relationship. Shepherd University is free to discontinue these privileges at any time.

ROLES & RESPONSIBILITIES

All Shepherd University students, faculty, staff, and other parties with access to Shepherd University information assets and IT resources shall be responsible for:

USERS

• Usage of e-mail, as well as all information assets and IT resources, in compliance with all applicable laws and Shepherd University policies, standards, guidelines, regulations, and procedures.
• Understand and comply with the guidance provided by this policy, as well as applicable compliance programs and affiliated awareness training.
• Become educated on phishing attacks, malware, and other e-mail obstacles by adhering to announcements from Shepherd University IT Services in e-mail or by visiting the Shepherd University IT Services webpage.
• Be diligent in securing your e-mail credentials.
• Promptly report any suspected violation of this policy, any security events, and/or incidents involving a suspected compromise of a user’s account or IT resource to itworkorder@shepherd.edu.

CIO/CISO – INFORMATION PRIVACY OFFICER

• Oversee and administer this policy.
• Provide authorization and direction to IT Services staff in accordance with this policy.
• Develop awareness and necessary training materials as it pertains to this policy.

IT SERVICES STAFF

• With appropriate authorization, take directed action in accordance with this policy to preserve, secure, and protect the interests of Shepherd University.
• Ensure all associated procedures are followed and documented accordingly when taking any actions outlined in this policy.

RELATED TOOLS

RELATED POLICIES & GUIDELINES
BOG#35: Information Technology Security
Acceptable Use Policy
IT Information Security & Privacy Policy
International Travel Security Policy
Password Guidelines
Social Security Number Guidelines
Work from Home / Remote Access Guidelines

POLICY: E-Mail Policy
IMPACT: Data, Technology, and IT Resources
RESPONSIBLE OFFICE: IT Services
CREATED: August 18, 2021
REVIEWED: February 19. 2024; November 28, 2022
APPROVED BY: CIO/CISO – Information Privacy Officer
VERSION: 24.1