This document should be read in conjunction with the following:
Email & Internet Policy
Email & Internet Code of Practice

1. Do not copy (insert organisation name) licensed software or download unauthorised software from the Internet/CDs/disks. You may breach copyright rules and the fines can be hefty.
2. Do not copy or download any software, including but not limited to games, screensavers, desktop themes, from the Internet. All software must be installed or downloaded by the System Administrators.
3. Remember: Electronic Mail leaves a permanent record, and that record can be admissible as evidence in a court of law.
4. Personal use of Email is allowed but use is restricted to outside office hours or during lunch breaks.
5. To maintain security and protect (insert organisation name) systems do not open executable files (jokes etc) from the Internet or Electronic Mail. Do run a virus check on all disks and CDs before you open or use them.
6. Do not use another person’s Email account to send or receive messages without their authorisation.
7. Do not extract and use text from someone else’s message without acknowledgement. This is plagiarism.
8. Do not make changes to someone else’s message and pass it on without making it clear where you have made changes. This would be misrepresentation.
9. Do not send frivolous, abusive, harassing, libellous or defamatory messages. Apart from being discourteous or offensive, they may break the law.
10. Do not solicit large volumes of incoming mail with no or marginal relevance to your role within the organisation.
11. Be very careful how you express yourself, especially if you feel heated about the subject (for instance if you are shooting off a quick response to some issue). Email lacks the other cues and clues that convey the sense in which what you say is to be taken, and you can easily convey the wrong impression.
12. Make sure that the "subject" field of your email message is meaningful. Where someone receives many messages, it can be very confusing and frustrating not to be able to judge the subject matter correctly from its subject field. This also helps recipients to use the "subject" field to manage the messages they have received.

1. Space on the network is finite so regular housekeeping will free up space and help the system run quicker and smoother.
2. Each week clean out your "Inbox", "Sent Items" and "Deleted Items" folders. Your inbox is the same as your letter box at home - you retrieve your mail, open it, read it, take action if required, throw it away, file for later use then throw it away, or file it for future reference.
3. Develop an orderly filing system for those email messages you wish to keep or print off the email and file on paper based system or transfer important messages and/or attachments to files.
4. Don't "broadcast" email messages unnecessarily. It's very easy to do, but can be very annoying to recipients (and wastes resources).
5. Remember that sending email from your account is similar to sending a letter on departmental letterhead; so don't say anything that might bring discredit or embarrassment to your department.
6. Make arrangements for your email to be forwarded to someone to handle when you go away, or install an automatic reply system advising that you will not be able to respond.

Cautions

1. (INSERT ORGANISATION NAME) may access or disclose your email under specified circumstances described in the Policy
2. Network Administrators may inadvertently see the contents of email messages in the course of their duties
3. Copies of your emails may remain on back-up systems even after you have discarded the message. Back-up copies may be retained for periods of time and in locations unknown to senders and recipients.
4. The security and confidentiality of emails cannot be guaranteed. Password protections are not foolproof
5. It is possible for senders of email to mask their identity
6. Recipients are able to forward your email without your knowledge or consent
7. The contents of forwarded messages can be changed from the original

This document should be read in conjunction with the following:
Email & Internet Code of Practice
Recommended Guidelines for Email & Internet Usage

Email and Internet services are (INSERT ORGANISATION NAME) facilities and are intended for use for communication, research and administration in support of (insert organisation name) mission.

(INSERT ORGANISATION NAME) will place constraints on the use of Email and Internet usage to protect its legal position with respect to telecommunications, copyright and contractual law, to ensure the confidentiality of communications and the protection of privacy and to comply with record keeping requirements.

The purpose of this Policy is to ensure that:

1. (INSERT ORGANISATION NAME) staff are informed about the applicability of policies and laws with regard to Email and Internet usage;
2. Email and Internet services are used in compliance with those policies and laws;
3. Users of Email and Internet services are informed about how concepts of privacy and security apply to electronic mail; and,
4. Disruptions to (insert organisation name) Email and Internet as well as other services and activities are minimised.

The following definitions apply in the policies, guidelines and codes of practice related to the use of the (insert organisation name) computing and networking facilities:

(INSERT ORGANISATION NAME) : Throughout this document (INSERT ORGANISATION NAME) stands for (INSERT ORGANISATION NAME) NSW Inc.

(INSERT ORGANISATION NAME) Record: a record in the form of electronic mail exists whenever such electronic mail is in support of (INSERT ORGANISATION NAME) business, whether or not the equipment, software, or facilities used to create, or store the electronic mail record are owned by (INSERT ORGANISATION NAME) .

Electronic Mail Services: Information technologies used to create, send, forward, receive, store, or print electronic mail.

Use of Electronic Mail Services: To create, send, forward, reply, copy, store, print, or possess electronic mail messages. For the purpose of this Policy, receipt of electronic mail is excluded from this definition to the extent that the electronic mail user does not have control over the email received.

The terms electronic mail and email are used interchangeably throughout this Policy.

This Policy applies to all electronic communication services (email, internet) provided by (INSERT ORGANISATION NAME) on all facilities and to all users and uses of such services; and to all (INSERT ORGANISATION NAME) records in the form of electronic mail in the possession of (INSERT ORGANISATION NAME) employees or other users of electronic mail services provided by (INSERT ORGANISATION NAME) . This Policy does not apply to paper records, including printed copies of electronic mail.

The purpose of this Policy is to set out guidelines for the use of electronic mail as a mechanism for general communication.

(INSERT ORGANISATION NAME) encourages staff to use Email and Internet in order to further the mission and corporate objectives of (INSERT ORGANISATION NAME) . (INSERT ORGANISATION NAME) encourages the use of Email to share information, to improve communication and to exchange ideas. This guideline only applies to (INSERT ORGANISATION NAME) provided email addresses.

(INSERT ORGANISATION NAME) allows the use of (INSERT ORGANISATION NAME) provided Email for appropriate, limited incidental personal purposes. (INSERT ORGANISATION NAME) prohibits the use of free email accounts such as Hotmail, Yahoo and Excite on (INSERT ORGANISATION NAME) provided equipment and communications.

(INSERT ORGANISATION NAME) Email and Internet services may not be used for personal business or personal gain.

Users should be aware that Email and Internet browsing are subject to the full range of laws applying to other communications, including copyright, breach of confidence, defamation, privacy, contempt of court, harassment, vilification and anti-discrimination legislation, the creation of contractual obligations and criminal law.

(INSERT ORGANISATION NAME) cannot guarantee confidentiality or undiscovered alteration of communications as current methods used to transport email cannot be regarded as secure.

The (CEO or relevant person) is the authority for approving significant amendments to (insert organisation name) policy and guidelines on Email & Internet usage.

The policy statement Email & Internet Policy will be included in the relevant (INSERT ORGANISATION NAME) Policies and Procedures manuals.

The policy on Email & Internet usage will come into effect immediately upon being approved.

The policy on Email & Internet usage will be reviewed every two years by the (CEO or relevant person).

The (CEO or relevant person) is the authority for approving amendments to the administrative procedures of (insert organisation name) policy on Email & Internet usage.

(INSERT ORGANISATION NAME) Email and Internet services are (INSERT ORGANISATION NAME) facilities; all (INSERT ORGANISATION NAME) email addresses are owned by (INSERT ORGANISATION NAME) ; and all electronic mail which is in support of (INSERT ORGANISATION NAME) business, whether or not the equipment, software, or facilities used to create or store the electronic mail record are owned by (INSERT ORGANISATION NAME) , are (INSERT ORGANISATION NAME) records.

Electronic mail, whether or not created or stored on (INSERT ORGANISATION NAME) -owned equipment, may constitute a (INSERT ORGANISATION NAME) record subject to disclosure under the Freedom of Information laws or as a result of litigation.

Use of (INSERT ORGANISATION NAME) Email and Internet services is a privilege that may be restricted, without the prior consent of the user of such services, as per paragraph 4.3. (INSERT ORGANISATION NAME) reserves the right to designate those categories of user to whom it will provide access to Email and Internet and may revoke access at any time to persons who misuse the services.

(INSERT ORGANISATION NAME) respects the privacy of users. It does not wish to routinely inspect or monitor Email & Internet browsing or to be the arbiter of its contents. Nevertheless, subject to the requirements for authorisation and notification defined in this Policy, (INSERT ORGANISATION NAME) may deny access to Email and Internet services and may retrieve, inspect, monitor, or disclose Email when appropriate as per paragraph 4.3.

Those who use the Email & Internet services are expected to do so responsibly, that is, to comply with state and federal laws, with policies and procedures of (INSERT ORGANISATION NAME) , and with normal standards of professional and personal courtesy and conduct. (INSERT ORGANISATION NAME) cannot, in general, protect users from receiving Email they may find offensive. (INSERT ORGANISATION NAME) staff, therefore, are strongly encouraged to use the same personal and professional courtesies and considerations in Email as they would in other forms of communication.

(INSERT ORGANISATION NAME) Email & Internet services may be used for incidental personal purposes provided such use does not interfere with (INSERT ORGANISATION NAME) operation of information technologies or email services, burden (INSERT ORGANISATION NAME) with incremental costs, or interfere with the user's employment or other obligations to (INSERT ORGANISATION NAME) . Because of the difficulty in determining whether or not an email message pertains to personal business or is a (INSERT ORGANISATION NAME) record, an email message will be deemed a (INSERT ORGANISATION NAME) record for the purposes of this Code of Practice if it resides on (INSERT ORGANISATION NAME) computing and networking facilities.

Email & Internet services may not be used for: unlawful activities; commercial purposes not under the auspices of (INSERT ORGANISATION NAME) ; personal financial gain; or purposes that contravene other (INSERT ORGANISATION NAME) policies or guidelines. The latter include, but are not limited to, policies and guidelines regarding sexual or other forms of harassment, religious or political activities or copyright.

When creating and sending email, users should take care not to give the impression that they are representing, giving opinions, or otherwise making statements on behalf of (INSERT ORGANISATION NAME) or any unit of (INSERT ORGANISATION NAME) unless appropriately authorised (explicitly or implicitly) to do so.

(INSERT ORGANISATION NAME) email & Internet users shall not employ a false identity or send email anonymously.

(INSERT ORGANISATION NAME) Email & Internet services shall not be used for purposes that could reasonably be expected to cause, directly or indirectly, excessive strain on any computing or networking facility, or unwarranted or unsolicited interference with others' use of email & Internet services. (Such uses include but are not limited to:

1. send or forward email chain letter;
2. 'spam ', that is, to exploit distribution lists or similar broadcast systems for purposes beyond their intended scope to amplify the widespread distribution of unsolicited email; and
3. 'letter-bomb ', that is, to resend the same email repeatedly to one or more recipients to interfere with the recipient's use of email.)

Australian law and (INSERT ORGANISATION NAME) policy prohibit, in general, the theft or other abuse of information technology facilities or resources. Such prohibitions apply to Email services, and include (but are not limited to): unauthorised entry, use, transfer, and tampering with the accounts and files of others; interference with the work of others and with other information technology resources or services. Under certain circumstances, the law contains provisions for felony offences. Users of email are encouraged to familiarise themselves with these laws and policies.

(INSERT ORGANISATION NAME) policy prohibits swearing, possession of pornography and any harassing actions and prohibits the use of company resources to visit Internet sites that are pornographic, that promote gambling and that transmit hate mail.

All users of the email & Internet services are required to take necessary precautions to protect the confidentiality of email or other records containing personal or confidential information encountered in the performance of their duties or otherwise. They should therefore utilise whatever means of protection, such as passwords, that are available to them to safeguard their email. Since such means of protection are not necessarily foolproof, the security and confidentiality of electronic mail cannot be guaranteed.

Users should be aware that on occasion Network Administrators (IT Co-ordinator and Office Manager Kent Street) may, during the performance of their duties, inadvertently see the contents of email messages. Except as provided elsewhere in the Policy, such personnel are not permitted to do so intentionally or disclose or otherwise use what they have seen.

Network Administrators will, from time to time, monitor usage and conduct an audit of email and internet usage.

Users of email services should be aware that even though the sender and recipient have discarded their copies of an electronic mail record, there may be back-up copies of such email that can be retrieved. Systems involved in the transmission and storage of email records may be "backed-up" on a routine or occasional basis to protect system reliability and integrity, and to prevent potential loss of data. The back-up process results in the copying of data onto storage media that may be retained for periods of time and in locations unknown to the originator or recipient of electronic mail. The practice and frequency of back-ups and the retention of back-up copies of email vary from system to system.

(INSERT ORGANISATION NAME) does not maintain, at present, central or distributed archives of all email sent or received. If email is backed up (see paragraph 3.3), the purposes are to assure system integrity and reliability, not archiving and retention. Users of email services should not rely on electronic mail for purposes of archiving and retention where this involves (INSERT ORGANISATION NAME) records. Consideration should be given to printing emails where archiving or retention becomes an issue for reasons of policy or sound business practice.

Users should be aware that most software used to operate networks log transactions and communications. These logs will normally include the email addresses of senders and recipients of email and the time of transmission. The content of emails themselves would not normally be logged but may be stored on mail servers. Similarly, web server logs record information on the sites people visit. The keeping of these logs is usually necessary for the routine maintenance and management of networks and systems. System Administrators are also capable of reading the contents of emails sent and received by the corporate network.

(INSERT ORGANISATION NAME) , in general, cannot and does not wish to be the arbiter of the contents of email. (INSERT ORGANISATION NAME) respects free speech and privacy of information. (INSERT ORGANISATION NAME) therefore does not permit retrieval, inspection, monitoring, or disclosure of email messages without the prior consent of the addressee of such messages except as provided for in paragraphs 3.2 and 4.3.

The email addressee's consent shall normally be sought prior to any inspection, monitoring or disclosure of (INSERT ORGANISATION NAME) email records, except as provided for in paragraph 4.3. To comply with this and other (INSERT ORGANISATION NAME) policies, and to enable (INSERT ORGANISATION NAME) to meet its business and legal obligations, staff of (INSERT ORGANISATION NAME) are expected to comply with management requests for copies of electronic mail that pertain to the business of (INSERT ORGANISATION NAME) . In the event of failure to comply with such requests the provisions of paragraph 4.3 apply.

(INSERT ORGANISATION NAME) shall only permit the inspection, monitoring or disclosure of electronic mail without the consent of the holder of such email when:

1. required by and consistent with law;
2. there is substantiated reason to believe that violations of law or (INSERT ORGANISATION NAME) policy have taken place; or
3. in exceptional cases, to meet time-dependent, critical operational needs.

When access to an individual's electronic mail must be restricted or the content of an individual's email must be retrieved, inspected, monitored, or disclosed:

1. Authorisation: Except in emergency situations, such actions must be authorised in advance and in writing by the authority specified by the law or policy under which the action is taken. If the authority is not specified, authorisation must be sought from the CEO or Department Manager. At the earliest possible opportunity, (INSERT ORGANISATION NAME) shall notify the affected individual of the action(s) taken and the reasons for action(s) taken, unless law or other (INSERT ORGANISATION NAME) policy specifically requires otherwise.
2. Emergencies: In emergency situations (for instance, when the community or its members are endangered or when access to electronic mail services must be secured to ensure the preservation of evidence), the (CEO or Department Manager / relevant person/people) may take the least action necessary to resolve the emergency immediately without authorisation with respect to the services under their respective control, but appropriate authorisation must then be sought without delay following the procedures described above. If the action taken is not subsequently authorised, they will seek to have the situation restored as closely as possible to that which existed before action was taken.

Violations of (INSERT ORGANISATION NAME) policies governing the use of (INSERT ORGANISATION NAME) Email & Internet services may result in restriction of access to (INSERT ORGANISATION NAME) information technology resources in addition to any disciplinary action that may be applicable under other (INSERT ORGANISATION NAME) policies, guidelines or enterprise agreements, up to and including dismissal.

Position of relevant person/people) are responsible for the control and administration of the policy and Code of Practice.

It is the responsibility of each (Department Manager / relevant person) to ensure the intent of (insert organisation name) Email & Internet policy and practice is supported.