Keep it legal

Confidential and personal information

Claims against the University may result from inadvertent or negligent disclosure of personal data, confidential employment records or commercially sensitive information. It is very easy to send emails to the wrong person, so take care entering the recipient’s email address.

Make it clear if your message is confidential eg by putting the word 'Confidential' in the email header or in the filename of any attachments, and only send confidential emails to those who need to act upon them. If you do not want an email to be forwarded to others, state this clearly at the beginning of the message.

If your material is highly confidential or contains sensitive personal data, send it as an encrypted attachment or do not send it by email at all.

Unacceptable use and defamation

Exercise the same degree of care and professionalism in composing emails as you would with other written correspondence. Do not send vulgar, abusive or defamatory messages - besides being discourteous and unprofessional, defamatory content can form the basis of a legal claim.

Do not express opinions about individuals that you are not prepared to defend, or which you cannot substantiate.

Some limited personal use of email is permitted, provided there is no conflict with the interest or requirements of the University. However, privacy cannot be guaranteed as the University may require access to data in accordance with Regulation XV.

Legal disclosure

The Data Protection Act permits people to see information that the University holds about them and the Freedom of Information Act gives people the right to access other recorded information that the University holds, including email.

Email correspondence is also subject to disclosure in the event of formal legal proceedings.

University business

Do not use external email accounts for University business and never redirect or forward emails from your University account to an external email account (such as Hotmail or Gmail). Such accounts may store data outside the EU and you may be in breach of Data Protection legislation if your emails include personal data.

Credit card data

Never use email to solicit or send credit card details as this is in breach of the University’s financial procedures. Such information, if lost or misappropriated, could be used to facilitate fraud. The University may be liable to pay substantial damages in such circumstances and could also face action under the Data Protection laws and the Payment Card Industry (PCI) Data Security Standards (DSS).