University Policies

Electronic Mail (Email) Policy

Approved By: President
Effective Date: June 26, 2023

POLICY STATEMENT

The purpose of this policy is to define the appropriate use of Western Illinois University (WIU) electronic mail (email) by all users.

SCOPE (WHO SHOULD READ THIS POLICY)

WIU Electronic Mail (Email) Policy applies to any individual who utilizes WIU-owned electronic mail (email). WIU-owned email includes all email utilizing any domain owned/purchased by the university. The purpose of this policy is to ensure the proper use of university electronic mail (email).

DEFINITIONS

  • Bulk email: The act of sending one email to a large group of individuals at a time. Gmail considers more than 500 recipients to the same email to be a bulk email. Bulk email is also referred to as mass email.
  • Domain: A domain is the name of a website and associated functions such as email accounts (i.e. www.wiu.edu/john.doe@wiu.edu).
  • Encryption: The process of converting information or data into a code that hides the information’s true meaning, especially to prevent unauthorized access.
  • Generic account: An email account that is not directly tied to an individual and/or is used by multiple individuals.
  • Sensitive data: Sensitive data, as defined by the university’s Administrative Handbook’s Sensitive Data Handling Procedures is: Information intended for limited use within the university that, if disclosed, could be expected to have a serious adverse effect on the operations, assets, or reputation of the university, or the university's obligations concerning information privacy.

POLICY

Email is a communication tool provided by the university which can improve operational and administrative efficiency. Users have the responsibility to use this resource in an efficient, ethical and lawful manner. Use of university email accounts demonstrates the user’s agreement to be bound by this policy.

University email accounts are provided, at the discretion of the university, to students, faculty, staff, and others affiliated with the institution. Email activity is automatically logged and subject to review. All email data is the property of Western Illinois University, which reserves the right to intercept, record, read or disclose it at the sole discretion of authorized personnel. Users should not expect privacy from system review of any data, whether business or personal, even if encrypted or password-protected. As an Illinois public university, emails sent and received utilizing the institutional email system is subject to the Illinois Freedom of Information Act.

Account Creation

It is not uncommon for employees to become students or students to become employees of the university. In order to avoid confusing official university business with academic operations, the following policies will apply:

  • Former or current students who become employees will be assigned a new email account to be used as an employee for official University business. Official University business is to be conducted from the employee email account only. If the individual is a current student at the time they become an employee, they will retain their student email account for academic purposes.
  • Student workers are allowed to use the student account assigned to them for university business during their time of student employment. A separate account must be created for GA’s, TA’s and RA’s handling sensitive information.
  • Employees who become classified as students during their time of employment (i.e. take classes after becoming an employee) are permitted to use their official university email for academic purposes, understanding that all other rules within this policy apply. If the employee terminates their employment for any reason (voluntary or involuntary) while retaining their student status, a new student email account will be created for their academic use.

Use of generic email accounts (i.e. email accounts not directly associated/trackable with a named user) is strictly prohibited.

Appropriate Use and User Responsibility

No data that is classified as “Sensitive” in the Sensitive Data Handling Procedures section of the Administrative Procedures Handbook shall be stored in or transmitted via email. See the Administrative Procedures Handbook for further information.

In order to prevent the unauthorized use of email accounts, the sharing of passwords is strictly prohibited. Each individual is responsible for his/her/their account, including the safeguarding of access to the account. All email originating from an account is assumed to have been authored by the account holder, and it is the responsibility of that holder to ensure compliance with these guidelines.

In order to avoid confusing official university business with personal communications, employees cannot use non-university email accounts (e.g. personal email account) to conduct university business.

Email use should be limited only to business or academic purposes. It is the responsibility of individual users to manage and report unwanted email communication. As such, any utilization of email for content that is illicit, illegal, or otherwise inappropriate is prohibited. The following are provided as examples of prohibited behavior but are not to be considered an inclusive list.

  • Generates or facilitates unsolicited bulk email;
  • Subscription to email lists for personal use;
  • Creation of website accounts for personal purposes utilizing a university email account (i.e. dating websites, gaming websites, shopping websites, etc.);
  • Unlawful creation, distribution or receipt of copyright, trade or service mark materials;
  • Violates, or encourages the violation of, the legal rights of others or federal and state laws;
  • Is for any malicious, unlawful, invasive, infringing, defamatory, or fraudulent purpose;
  • Intentional distribution of malicious software or phishing emails;
  • Intentional alteration, interference or circumvention of any aspect of email services;
  • Deliberate distribution or receipt of graphic materials such as pornography, harassing or violent content;
  • Creates a risk to a person’s safety or health, creates a risk to public safety or health, compromises national security, or interferes with an investigation by law enforcement;
  • Using, attempting to use or impersonating the accounts of others;
  • Collecting or using email addresses, screen name information or other identifiers for anything other than approved university use;
  • Political activities, specifically supporting the nomination of any person for political office or attempting to influence the vote on any election or referendum on behalf of or under the sponsorship of the university.
Revocation of Accounts

Individuals may terminate their affiliation with the university for a variety of reasons, which will result in the revocation or expiration of email accounts. The policy governing those privileges are set forth below. Notwithstanding the guidelines below, the university reserves the right to revoke email privileges at any time.

  • Separation of employees of any classification (i.e. faculty, civil service, administrative, etc.) - Employees who are separated from the university for any reason will have their email access revoked. Employees are permitted to retain their email privileges for a period of 30 days following the last date of employment on their contract. The university reserves the right to revoke email access privileges at any time for any reason.
  • Retirement of employees of any classification (i.e. faculty, civil service, administrative, etc.) - All retiree accounts will remain active for the duration of their active use. Active use shall be defined as accessed within the last 180 days. Retiree accounts that are no longer active may be disabled and will be required to submit a request in order to reactivate the account. The university reserves the right to revoke and/or not reactivate accounts at any time for any reason.
  • Students who leave before graduation - Students who leave the university without completion of their degree or other program will have their email access revoked.
  • Alumni - Alumni accounts will remain active for the duration of their active use. Active use shall be defined as accessed within the last 180 days. Alumni accounts that are no longer active may be disabled and will be required to submit a request in order to reactivate the account. The university reserves the right to revoke and/or not reactivate accounts at any time for any reason.

RESPONSIBILITIES (Implementation and Enforcement)

University Technology is responsible for, implementing, enforcing, updating and maintaining this policy.

RESOURCES

Standards