Read our checklist on creating a workplace email policy, establishing security procedures and letting your employees know what's expected of them.
- You don't have to start from scratch. You can find advice about what to include, along with sample email policies and email disclaimers online.
- Create an individual email account for each employee. Make sure each account is protected by a strong password. You might also want to set up general addresses like [email protected].
- Establish who is responsible for each account. You should also decide how incoming emails will be handled when an employee is absent. For instance, is another member of staff expected to answer queries sent to your general enquiry email address?
- Establish security procedures. Make sure passwords are strong and change them regularly. Ideally, your email server should be encrypted. You should also use security software to scan incoming and outgoing emails for security problems such as phishing emails, trogan malware and worms.
- Specify what use of email is prohibited. For instance, you should ban the use of email for sending or receiving offensive material or engaging in illegal activities.
- Set limits on the use of email. For example, you might allow staff to receive work emails and messages on a company mobile device but ban the sending and recieving of personal emails and messages. You might also consider putting a limit on attachment sizes.
- Set up personalised email signatures for outgoing emails. These should include key company information (your company's registered name, place of registration, registration number and address of its registered office).
- Consider adding a disclaimer to email signatures. Bear in mind that these have little legal authority and may be ineffective - especially as people will probably see them after they have already read the email. Seek legal advice if you are unsure.
- Establish rules on sending confidential and personal information. Make sure these meet the requirements of data protection regulations.
- Let employees know how emails are monitored and stored. Make sure any monitoring complies with legal restrictions protecting privacy.
- Communicate your email usage policy to all staff. Make sure it forms part of your induction process for new employees and provide appropriate training in effective use of email and the legal issues.
- Use the policy to protect your employees too. Email can be highly disruptive to members of staff trying to get things done. You might want to make it clear that it's fine for staff to shut down their email if they need to concentrate. Or go further, and designate one day a week as email free.
- Clarify the disciplinary consequences of breaching the policy. Make sure you enforce it consistently and fairly.