E-Mail Policy

Overview

Electronice email is pervasively used in almots all industry verticals and is often the primary communication and awareness method within Northeast Data.

At the same time, misuse of email can post many legal, privacy and security risks, thus it's important for users to understand the appropriate use of electronic communications.

Purpose

The purpose of this email policy is to ensure the proper use of Northeast Data's email system and make aware of waht Northeast Data deems as acceptable and unacceptable use of its email system. This policy outlines the minimum requir3ements for the use of email within Northeast Data's Network.

Scope

This policy covers appropriate use of any email sent from a Northeast Data email address and applies to all employees, vendors, and agents operating on behalf of Northeast DAta.

Policy

• All use of email must be consistent with Northeast Data's policies and procedures of ethical conduct, safety, compliance with applicable laws and proper business practices.
• Northest Data Email accounts should be used primarily for Northeast Data business-related purposes; personal communication is permitted on a limited basis, but non-Northeast Data related commercial uses are prohibited.
• All company and customer data ontained with in an email message or an attachment must be secured according to the Data Protection Standard
• Email should be retained only if it qualifies as a Northeast Data business record. Email is a Northeast Data business record if there exists a legitimate and ongoing business reason to preserve the information contained in the email.
• Email that is identified as a Northeast Data business record shall be retained according to Northeast Data Record Retention Schedule.
• Northeast Data's email system shall not be used for the creation or distribution or any disruptive or offensive messages, including offensive comments about race, gender, hair color, disabilities, age, sexual orientation, pronography, religious beliefs and practice, political beliefs, or national origin. Employees who receive any email with this content from any Northeast Data employee should report the matter to their supervisor immediately.
• Users are prohibited from automatically forwarding Northeast Data email to a third pary email system. Individuals messages which are forwarded by the user must not contain Northeast Data confidential or above information
• Users are prohibited from using third-party email systems and storage servers such as Google, Yahooo, and MSN Hotmail etc. to conduct Northeast Data business, to create or memorialize any binding transactions, or to store or retain email on behalf of Northeast Data. Such communications and transactions should be conducted through proper channels using Northeast Data-approved documention.
• Using a reasonable amount of Northeast Data resources for personal emails is acceptable, but non-work related email shall be saved in a separate folder from work related email. Sending chain letters or joke emails from a Northeast Data email account is prohibited.
• Northeast Data employees shall hae no expecation of privacy in anything they store, send or receive on the company's email system.
• Northeast Data may monitor messages without prior notice. Northeast Data is not obliged to monitor email messages.

Policy Compliance

The security team will verify compliance to this policy through various methods, including but not limited to, periodic walk thrus, video monitoring, business tool reports, internal and external audits, and feedback to the policy owner.

Any exception to the policy must be approved by the security team in advance.

Any employee found to have violated this policy may be subject to the disciplinary action, up to and including termination of employment.