ARCHIVES/
LIBRARY

STATE ARCHIVES

LOCAL
GOVERNMENT
RECORDS

LGR ELECTRONIC
RECORDS
GUIDELINES

LGR FORMS

LGR FAQs

LGR LINKS

LGR PUBLICATIONS

ON-LINE
JUST THE BASICS WORKSHOP

OHIO NETWORK OF
AMERICAN HISTORY
RESEARCH CENTERS

POWERPOINT
PRESENTATIONS

PUBLIC RECORDS
LAWS AND
LEGISLATION

Local Government Records (LGR) Program

Sample Internet, Email, and Online Services Use Policy

Table of contents
Section 1 - Scope
Section 2 - Purpose
Section 3 - Requirements
Section 4 - Records Management and retention of email
Section 5 - Encryption
Section 6 - Viruses
Section 7 - Questions
Section 8 - Declaration

Section 1 - Scope
This sample policy for internet, email or online services users is to be used by entities when creating their own policies for internet, email or online services users. This sample can be used section by section, it can be adopted as is, or it can be used as an example of the types of issues that need to be covered in an internet, email or online services policy. Entities should insert their name wherever "INSTITUTION" is used. For other examples of polices for internet, email or online services users see the Department of Administrative Services Directive 01-25, effective date 07/01/01 or the Supreme Court of Ohio's Judicial and Court Services, Technology Resources Information Systems Polices and Procedures Revision #78457-99 10025.

Along with the policy for internet, email or online services users, governmental entities should consider creating email etiquette guidelines, a policy on the security and confidentiality of data files, and guidelines for the retention of email.

Section 2 - Purpose
The purpose of this policy is to ensure the proper use of INSTITUTION'S internet, email or online services systems and to make users aware of what INSTITUTION deems to be acceptable and unacceptable use of its internet, email or online services systems. The INSTITUTION reserves the right to amend this policy at its discretion. In case of amendments, users will be informed appropriately. Internet, email or online services users expressly waive any right of privacy in anything they create, store, send or receive on the INSTITUTION'S computer system. INSTITUTION can, but is not obliged to, monitor internet, email or online services usage without prior notification. If there is evidence that you are not adhering to the guidelines set out in this policy, the INSTITUTION reserves the right to take disciplinary action, including termination and/or legal action. Finally, the policy does not grant the employee any contractual rights.

Section 3 Requirements
The internet, email and/or online services usage are business communication tools and users are obliged to use these tools in a responsible, effective and lawful manner. Although by their nature email and/or online services seem to be less formal than other written communication the same laws apply. The following rules are hereby created by the INSTITUTION and are to be strictly adhered to:

• The Internet, email and online services are intended to be used primarily for business purposes. Uses that interfere with normal business activities, involve solicitation, are associated with any for-profit business activities or could potentially embarrass the INSTITUTION are strictly forbidden.
  
• Employees shall not use the Internet, email or online services for operating a business for personal gain, sending chain letters or soliciting money for religious and/or political causes.
  
• Employees shall not use the Internet, email and online services to transmit or download material that is offensive, obscene, pornographic, threatening or racially or sexually harassing.
  
• Employees shall not use the Internet, email and online services to disseminate or print copyrighted materials (including articles and software) in violation of copyright laws.
  
• Employees shall not use the Internet, email and online services to provide access to confidential information. Employees shall not use these services to provide access to public information without following the existing rules and procedures of the INSTITUTION for dissemination.
  
• Employees shall not use an Internet, email or online service account or signature line other than their own.
  
• Employees shall take all reasonable precautions to prevent the inadvertent dissemination of anyone else's information via the Internet, email or online services.
  
• Internet, email or online services usage are subject to limitations as imposed by supervisors to prevent excessive or improper use. Although the internet, email or online services systems are meant for business use, INSTITUTION allows personal usage if it is reasonable and does not interfere with work. However, the sending of chain letters, junk mail, jokes and executables is prohibited. All messages distributed via the INSTITUION'S email system are INSTITUTION'S property.
  
• Employees are also reminded that access to and use of the Internet, including communication by e-mail, is not confidential. Internet access can and will be monitored. Web browsers leave traceable "footprints" to all sites visited.
  
• Employees shall not delete an email message that has not met or exceeded the appropriate retention period as set forth by the INSTITUTION'S Records Commission.
  
• All email accounts maintained on our email systems are property of the INSTITUTION.

Section 4 Records Management and Email Retention
Email and/or online services are a means of transmission of messages or information. Like paper or microfilm, email and/or online services are the medium by which this type of record is transmitted. The retention or disposition of email or online services messages must be related to the information they contain or the purpose they serve. The content, transactional information, and any attachments associated with the email or online services are considered a record if they meet the criteria of the Ohio's public record's laws, Ohio Revised Code section 149.01.1 (G). The content of email or online services messages may vary considerably, and therefore, this content must be evaluated to determine the length of time the email must be retained. For more information on scheduling and retaining email or online services messages see your local records manager, and/or records commission.

Section 5 Encryption
Users may not encrypt any emails without obtaining written permission from their supervisor and their IT Department. If approved, the encryption key(s) must be made known to the INSTITUTION.

Section 6 Viruses
Computer viruses are more and more prevalent in today's world. They can cause considerable damage to a computer or entire network. An infected computer may not be readily identified, even though damage may be occurring. The utmost care must be taken in adhering to strict anti-virus precautions. These include:

• Do not exchange diskettes with other computers. One common avenue of infection is using diskettes that have been used in home computers.
  
• Do not download programs from the Internet or electronic bulletin boards.
  
• Do not activate programs that have been attached to an email message. It has been estimated that nearly 1/3 of virus infections occur this way.

Section 7 Questions
If you have any questions or comments about this internet, email or online services policy, please contact [Name], [Tel], [Email]. If you do not have any questions INSTITUTION presumes that you understand and are aware of the rules and guidelines in this internet, email or online services policy and will adhere to them.

Section 8 Declaration
I have read, understand and acknowledge receipt of the internet, email or online services policy. I will comply with the guidelines set out in this policy and understand that failure to do so might result in disciplinary or legal action.

_______________________________         __________________