Policy Area: Usage Effective Date: September 23, 2004
Contact: Information Technology Division- policy@doit.ri.gov
Public Records Administrator - records@sec.state.ri.us
Personnel - HRifo@hr.ri.gov Revision Date: n/a
Summary
This policy outlines the rules and responsibilities for users of electronic mail (email) provided by the state.
Goals
This policy is designed to:
1. reinforce that existing standards and policies regarding professional conduct also apply to computer usage.
2. ensure that state employees use information technology resources in an efficient and effective manner.
3. protect state data and computer systems from intentional misuse.
4. ensure that state data and records are professionally managed.
Applicability
This policy applies to all state employees, interns, contractors and all other users of state email systems except for those at state colleges and universities. Email systems include any email address provided by the State of Rhode Island to a user.
Policy Statements
1. Ethics and Professional Conduct
Users shall:
* use email to communicate for business purposes,
* check email regularly (generally daily),
* identify themselves in a professional manner.
Users shall not:
* send threatening, harassing, demeaning, obscene, profane or otherwise offensive messages,
* conceal or misrepresent their identity in a message,
* use email for political, profit or illegal activities,
* use the email system following termination of employment.
Personal use of email is permissible provided it does not:
* interfere with work responsibilities,
* promote political, religious, profit making business,
* increase state costs.
2. Efficiency and Cost Effectiveness
Users shall not:
* send chain mail, "spam" or otherwise wasteful email,
* send attachments which overload the network,
* intentionally send viruses, worms or other applications or files which overload or otherwise jeopardize the integrity of the system.
3. Security and Privacy
Users shall:
* understand that anything transmitted over the Internet is subject to interception, reading copying, or modifying by others.
Users shall not:
* use email to release information to third parties without written or policy approval,
* have any expectation of privacy while using email
* use another persons email account.
4. Information Access and Retention
Users shall reguarly:
* remove personal messages and attachments,
* regularly transfer messages of official record to an organized, secure, and accessible filing system. This may include coordination with agency records officer(s) to ensure records retention requirements are met.
* remove other messages which are not part of an official record.
Roles and Responsibilities
Users - responsible for reading, understanding and adhering to this policy.
Managers - are responsible for the effective utilization of technology by subordinates and compliance with policy standards. Reports of misconduct will be brought to the attention of the appropriate agency and Human Resources authority(ies) for corrective action. Minor transgressions will be handled at the lowest possible level. Incidents that involve ethical, security or privacy issues or are disruptive to a large user-group must be reports to Human Resources and IT staffs.
Human Resources Division - responsible for the overall communication and enforcement of this policy, and subsequent revisions, to state employees. Also responsible for ensuring that the policy is consistent with other personnel policies adopted by the State and for recommending revisions to the policy as changes in working conditions may warrant.
Information Technology Division - responsible for the components of this policy that pertain to the efficient use of information technology and resources. Also responsible for assisting the Human Resources staff with the effective communication and enforcement of the policy.
State Archivist & Public Records Administrator - responsible for the portions of this policy that pertain to records retention and for assisting in the enforcement of compliance to those portions.
State Police, Division of Computer Crime - responsible for investigating criminal activity involving the use of computers.
Compliance
The state reserves the right to examine email for system performance monitoring and to investigate potential abuse of the State's information technology resources. Email users will be held accountable for any breaches of policy, security or confidentiality resulting from the use of this technology. Violations may result in disciplinary actions. Abuse or misconduct can be reported (by employees, supervisors, IT staff, the public or others) to the appropriate agency authority for remedial action. Violations will be handled through the applicable union contracts, personnel rules, and state and federal statutes. Depending on the nature and severity of the abuse, violations will be subject to appropriate disciplinary action, up to and including termination. Criminal or civil action may be initiated in appropriate instances.
Exemptions
There are two exemptions to this policy.
1) The Colleges and Universities are bound by the policies adopted by the Board of Higher Education. (URI Policies)
2) The Department of Corrections does not allow for any personal use of email. (DOC policy contact)
Agencies may choose to add to this policy, in order to enforce more restrictive requirements, provided that the additions to this policy are filed with, and approved by, the Chief Information Officer.
Appeals
Appeals to the findings and enforcement actions recommended by the Human Resources Division will follow the same procedures as other appeals to the decisions made by Human Resources.
Authority
1. Ethics and Professional Conduct
* -- State Personnel Rules 6.02 Conduct of State Employees. "It is the duty of every employee to so conduct himself/herself inside and outside his/her office as to be worthy of the esteem a public employee must enjoy. . ."
* §34-14-1 Code of Ethics -- Declaration of Policy. "It is the policy of the State of Rhode Island that public officials and employees must adhere to the highest standards of ethical conduct, respect the public trust and rights of all persons, be open, accountable and responsive, avoid the appearance of impropriety, and not use their position for private gain or advantage…."
2. Efficiency and Cost Effectiveness
* The Information Resources Management Board § 29-8 et. seq. § 29-8-10. . .
(a) Providing . . .policy direction. . .for the executive branch of state government and public universities. . .
(c) defining, maintaining, and publishing a timely information resources management architecture. . . and implementing processes and procedures to ensure compliance. . . Security and Privacy
3.
* § 29-8-10. (n) Recommending procedures and legislation to ensure the privacy of individuals, with particular emphasis on the potential for invasion of individual privacy.
4. Information Access and Retention
* § 38-1-10. Disposal of records. No public official may mutilate, destroy, sell, loan, or otherwise dispose of any public record without the consent of the public records administration program of the secretary of state.
* §38-2. Access to Public Records Act, especially §38-2-2 (4)(i) "Public record" or "public records" shall mean all documents, papers, letter, maps, books, tapes, photographs, films, sound recordings, magnetic or other tapes, electronic data processing records, computer stored data (including electronic mail messages, except specifically for any electronic mail messages of or to elected officials with or relating to those they represent and correspondence of or to elected officials in their official capacities) or other material regardless of physical form or characteristics made or received pursuant to law or ordinance or in connection with the transaction of official business by any agency.
Related Documents
Statewide Information Technology Policies
* Computer
* Internet
source:
http://www.doit.ri.gov/policy/emailuse.php
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment