Uh-oh, it looks like your Internet Explorer is out of date.
For a better shopping experience, please upgrade now.
The e-Policy Handbook: Rules and Best Practices to Safely Manage Your Company's E-mail, Blogs, Social Networking, and Other Electronic Communication Tools / Edition 2 available in Paperback
Temporarily Out of Stock Online
Trillions of e-mails travel each year through corporate networks—and they're not all work-related. But for organizations wishing to protect themselves from liability, e-mail is no longer the only danger—they now have to contend with blogs, social networking sites, and other new technologies. Packed with electronic rules, step-by-step guidelines, sample policies, and e-disaster stories, this revised edition of The e-Policy Handbook helps readers:
implement strategic electronic rules
• prevent security breaches and data theft
• safeguard confidential company and customer information
• manage new and emerging technologies
• write and implement effective policies
• train employees
Updated to cover new technologies, including instant messaging, social networking, text messaging, video sites, and more, this is a comprehensive resource for developing clear, complete e-policies.
|Edition description:||Second Edition|
|Product dimensions:||5.90(w) x 8.90(h) x 0.90(d)|
|Age Range:||18 Years|
Read an Excerpt
C H A P T E R 1
Why Every Organization Needs Electronic Rules and
Policies Based on Best Practices
Since the initial publication of The e-Policy Handbook in 2001, electronic business communication tools and technologies have taken the workplace by storm. Consequently, many employers find themselves drowning in risk as they struggle to manage the use—and curtail the abuse
—of what were originally conceived as time-saving, productivity-enhancing technology tools.
Without question, e-mail has become the business world’s communication tool of choice, forever altering the ways in which we exchange information and conduct professional and personal relationships.
Meanwhile, new tools and technologies—instant messenger (IM), blogs a social networking and video sites, cell phones and camera phones, text messaging, ‘‘confidential’’ electronic messaging, and the BlackBerry
Smartphone, to name a few—have joined the electronic business communication mix at a breakneck pace.
The good news: The ever-expanding universe of high-tech tools facilitates users’ ability to quickly and conveniently transmit business-critical data and stay connected with colleagues and customers around the globe. The bad news: Emerging technologies dramatically increase employers’
exposure to potentially costly and protracted risks including workplace lawsuits, regulatory fines, security breaches, and productivity drains, among others.
Fortunately, for savvy employers determined to manage technology use and minimize risks, there is a solution. Through the strategic implementation of a comprehensive e-policy program that combines written electronic rules with formal employee training supported by policy-based monitoring, management, and archiving tools, organizations can effectively minimize (and in some cases prevent) electronic risks while maximizing compliance with legal, regulatory, and organizational guidelines.
e-Policy Rule 1: Through the implementation of a comprehensive
e-policy program that combines written rules with employee
education supported by discipline and technology tools, organizations
can effectively minimize electronic risks and maximize
In the Electronic Office, Risks Abound
Even if your organization does not currently use IM, operate a business blog, or provide executives with BlackBerry Smartphones, you cannot afford to ignore new and emerging technology. If you fail to provide the hot, must-have technologies of the day, chances are your tech-savvy employees (particularly younger employees whose social lives revolve around IMing, texting, and social networking) will bring them in through the back door and load them onto your system without management approval or IT oversight. Left undetected and unmanaged, that’s a recipe for disaster!
Manage Powerful, Popular Electronic Business
Communication Tools Proactively
Considering that the average personal computer can hold 1 million pages of information, it’s no surprise that 90 percent of the business documents we create and acquire are electronic, according to the Association of Records Managers and Administrators (ARMA) as reported by
Employers who are concerned about managing all that electronic information—and related risks—should act now to put written policies in place governing the use of established tools and new technologies at work during business hours and at home on employees’ own time.
Old and new alike, all electronic business communication tools must be addressed by comprehensive, best-practices-based rules and policies as detailed in this book. Failure to establish and enforce written rules and e-policies puts the organization at risk of electronic disasters including a but not limited to: regulatory audits, security breaches, lost productivity a shattered stock valuation, negative publicity, lost credibility, and workplace lawsuits, which employers and legal professionals alike consistently identify as their number-one e-mail and Internet-related concern.
e-Policy Rule 2: You cannot afford to ignore new and
emerging technology. If you fail to provide the hot, must-have
technologies of the day, chances are your tech-savvy
employees will bring them in through the back door. Left undetected
and unmanaged, that’s a recipe for disaster!
Employers Face Ever-Increasing Legal Liability
As early as 2001, when the first edition of The e-Policy Handbook was published, employers cited legal liability as their primary reason for monitoring employee e-mail and Internet use.3 Since then, we have witnessed the expanding role of e-mail and other forms of electronically stored information (ESI) as evidence in civil lawsuits and criminal trials.
In 2006, 24 percent of organizations had employee e-mail subpoenaed a compared to just 9 percent in 2001. Another 15 percent of companies went to court to battle lawsuits specifically triggered by employee
e-mail in 2006, according to the Workplace E-Mail, Instant Messaging a and Blog Survey from American Management Association and ePolicy
Electronically Stored Information Plays an
Ever-Expanding Evidentiary Role
There is no doubt that the evidentiary role of workplace e-mail and other electronically stored information will continue to expand. The United
States Federal Court made clear this fact in December 2006, when the much-anticipated amendments to the Federal Rules of Civil Procedure (FRCP) were announced, affirming the fact that all electronically stored information is subject to discovery (which means it may be subpoenaed and used as evidence) in federal litigation.
When it comes to electronic evidence, it is the content that counts a not the tool or technology used. Whether created, transmitted, acquired a posted, downloaded, or uploaded via e-mail, IM, the Internet, a cell phone, or any other tool, ESI creates the electronic equivalent of DNA
evidence. ESI can—and will—be subpoenaed and used as evidence for or against your company should it one day become embroiled in a workplace lawsuit. Will you be prepared?
e-Policy Rule 3: Electronically stored information (ESI) creates
the electronic equivalent of DNA evidence. ESI can—and will—be
subpoenaed and used as evidence for or against your organization
should it one day become embroiled in a workplace lawsuit.
Regulators Grow Increasingly Watchful
Over the years, government and industry regulators have turned an increasingly watchful eye to the content created and the business records generated by e-mail and other electronic business communication tools.
For example, failure to comply with Security and Exchange Commission (SEC) rules governing written e-mail and IM content and record retention policies has cost brokerage firms hundreds of millions of dollars in fines.
The Health Insurance Portability and Accountability Act (HIPAA),
Gramm-Leach-Bliley Act (GLBA), and Sarbanes-Oxley Act (SOX) are just three of the tens of thousands of regulatory rules with which workplace computer users must comply—or face consequences including monetary fines and possible jail time.
In spite of potentially costly penalties, regulated firms have been slow to adopt the type of business record–related rules and policies detailed in Chapter 3. Only 34 percent of organizations have e-mail record retention policies and schedules in place, and merely 13 percent of companies retain and archive business record IM, according to American
Management Association/ePolicy Institute research.5
Among regulated employees, 43 percent either don’t adhere to regulatory rules governing e-mail retention or they simply do not know if they are in compliance.6 Overall, 43 percent of workers can’t distinguish business-critical e-mail and IM that must be retained from insignificant messages that may be purged.7
It’s no surprise that employees are confused and employers ill-prepared when it comes to the management of all-important ESI. Only 21
percent of companies provide employees with a formal definition of ‘‘electronic business record.’’8
This book is designed to educate employers and users about the importance of establishing and complying with rules and policies governing electronic business record retention, deletion, and archiving, as well as overall electronic risk management. Strategic business record retention and deletion rules and policies are essential for all employers, regardless of industry, size, or status as public or private entities.
Employ Tougher Rules to Combat Growing Risks
Along with increased risk, there has been growing awareness among employers of the devastating impact that inappropriate electronic content and unprofessional behavior—accidental or intentional—can have on users’ careers and the corporate bottom line. Consequently, employers are increasingly putting teeth in their electronic policies.
In 2007, more than a quarter of employers (28 percent) fired employees for e-mail misuse. That’s double the 14 percent reported just six years earlier in 2001. An additional 30 percent of bosses terminated workers for Internet violations in 2007, according to the 2007 Electronic
Monitoring and Surveillance Survey from American Management Association and ePolicy Institute.9
Table of Contents
C O N T E N T S
PART ONE: Electronic Business Communication Rules
1 Why Every Organization Needs Electronic Rules and Policies Based on Best Practices, 3
PART TWO: E-Mail Rules
2 Legal Risks and Rules: E-Mail Creates Discoverable Evidence, 13
3 Record Retention Risks and Rules: Courts and Regulators Take
Seriously the Production—and Destruction—of Electronic Evidence, 20
4 Regulatory Risks and Rules: Government and Industry Watchdogs
Guard Content and Records, 28
5 Archiving Rules, Tools, and Best Practices, 34
PART THREE: Privacy, Confidentiality, and Data Security Rules
6 Online Privacy Risks, Rights, and Rules, 49
7 Confidential Messaging Rules and Tools, 56
8 Data Security Risks and Rules, 71
PART FOUR: Content, Personal Use, and Netiquette Rules
9 Content and Personal Use Risks and Rules, 79
10 Netiquette Rules, 85
PART FIVE: Instant Messaging Rules
11 IM Is Turbocharged E-Mail: All the Risks, Rules, and Regulations
12 IM Management Rules and Tools, 100
PART SIX : Internet Rules: Web, Blog, Social Networking, and
Video Site Risks, Rules, Policies, and Best Practices
13 Internet Risks and Rules, 109
14 Blog Rules, 114
15 Blog Risks, 118
16 Blog Policies and Best Practices, 124
17 Social Networking and Video Site Risks and Rules, 133
PART SEVEN: Software Rules
18 Software Risks, Rules, Policies, and Best Practices, 143
PART EIGHT : Cell Phone and Texting Rules
19 Cell Phone and Text Messaging Risks, Rules, Policies, and Best
PART NINE: Monitoring and Compliance Rules: Minimize
Risks—and Maximize Compliance—with Training,
Discipline, and Monitoring
20 Employee Education Policies and Best Practices, 173
21 Disciplinary Rules, Policies, and Best Practices, 181
22 Monitoring Rules and Tools, 184
PART TEN: User Rules
23 How to Communicate Online Without Getting Fired: Ten Tips for
Employees WhoWant to Protect Their Privacy—and Keep Their Jobs,
24 Q&A: Answers to Employees’ Most Commonly Asked e-Policy and
Privacy Questions, 205
PART ELEVEN: Electronic Writing Rules
25 e-Policy 101: How to Draft Effective e-Policies for Your Organization,
26 Establishing Electronic Writing Style Policies for Employees, 222
A Fifty-Seven e-Policy Rules to Help Keep Your Organization in
Business . . . and Out of Court, 233
B e-Policy Dos and Don’ts: Best Practices to Help Minimize Risks and
Maximize Compliance, 240
C Sample Electronic Business Communication Policies, 247
D Glossary of Electronic Business Communication, Legal, and
Technology Terms, 273
E Resources and Expert Sources, 284
About the Author, 323