|
 |
Manage Email Business Risks With 3-Step Policy June 23, 2003 (SmartPros) When it comes to strategically managing email business risks and reducing legal liability, businesses have been slow to learn an important lesson -- the need for an email retention and deletion policy. A recent survey found that only 34 percent of employers have a written email policy in place -- the same figure reported in 2001, one year before five Wall Street brokerages were fined $8.3 million for failing to retain email.
With email playing an increasingly common role in workplace lawsuits and regulatory investigations -- including high-profile discrimination, sexual harassment, and antitrust claims -- it can be used to bolster cases, embarrass organizations, and damage reputations.
The American Management Association, The ePolicy Institute, and Clearswift surveyed 1,100 U.S. companies and found that 14 percent of respondents have been ordered by a court or regulatory body to produce employee email, up from nine percent just two years ago.
"Whether you employ one part-time worker or 100,000 full-time professionals, any time you allow employees access to your email system, you put your assets, future, and reputation at risk," said Nancy Flynn, executive director of The ePolicy Institute. "Fortunately, by developing and implementing a strategic email management program that combines rules, policy, education, and enforcement, employers can anticipate email disasters, address employee misuse, derail intentional abuse, curtail email blunders, and limit costly electronic liabilities."
According to the 2003 email "Rules, Policies and Practices Survey," the average employee spends 25 percent of the workday on email, with eight percent of workers devoting over four hours a day to email. While failing to meet the challenges of email retention, most employers are eager to keep online employees in line. Over half (52 percent) of employers monitor email. Three-fourths have put written email policies in place. And 22 percent have terminated an employee for violating email policy.
Over three-quarters of respondents say that they have lost time in the last year due to email system problems, including disabled computer systems, business interruptions, and computer viruses. Five percent of respondents report business has been interrupted as the result of email-related lawsuits.
"Most employers drop the ball when it comes to educating employees about email risks, rules, and responsibilities," said Flynn. "While 75 percent of organizations have written email policies in place, only 48 percent offer e-policy education to employees, and merely 27 percent offer email retention/deletion training." On the upside, e-policy training has doubled since 2001, when 24 percent of companies offered e-policy education to employees.
Flynn recommends her "Three-E" approach to e-risk management: One, establish written email rules and policy; two, educate the workforce about risks and policy compliance; and three, enforce email policy with policy-based content security software that works in concert with the organization's established email rules and policies. Other survey findings:
|
|
|
|||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||
|
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||
