University Policies

Electronic Mail (Email) Policy

Approved By: President
Effective Date: June 26, 2023
Revision Date: November 12, 2024

POLICY STATEMENT

The purpose of this policy is to define the appropriate use of Western Illinois University (WIU) electronic mail (email) by all users.

SCOPE (WHO SHOULD READ THIS POLICY)

WIU’s Electronic Mail (Email) Policy applies to any individual who utilizes WIU-owned electronic mail (email). The WIU-owned email includes all email utilizing any domain owned/purchased by the university. The purpose of this policy is to ensure the proper use of email.

DEFINITIONS

  • Bulk email: The act of sending one email to a large group of individuals at a time. Gmail considers more than 500 recipients from the same email to be a bulk email. Bulk email is also referred to as mass email.
  • Domain: A domain is the name of a website and associated functions such as email accounts (e.g., www.wiu.edu, john.doe@wiu.edu).
  • Encryption: The process of converting information or data into a code that hides the information’s true meaning, especially to prevent unauthorized access.
  • Sensitive data: Information intended for limited use within the university that, if disclosed, could be expected to have a serious adverse effect on the operations, assets, or reputation of the university, or the university's obligations concerning information privacy.

POLICY

Email is a communication tool provided by the university that can improve operational and administrative efficiency. Users have the responsibility to use this resource in an efficient, ethical, and lawful manner. Use of university email accounts demonstrates the user’s agreement to be bound by this policy.

University email accounts are provided, at the discretion of the university, to students, faculty, staff, and others affiliated with the institution. Email activity is automatically logged and subject to review. All email data is the property of Western Illinois University, which reserves the right to intercept, record, read, or disclose it at the sole discretion of authorized personnel. Users should not expect privacy from system review of any data, whether business or personal, even if encrypted or password-protected. Because WIU is an Illinois public university, emails sent and received utilizing the institutional email system are subject to the Illinois Freedom of Information Act, 5 ILCS 140/.

Account Creation and Changes

Newly admitted students will receive information about email credentials and access from the admissions office upon their acceptance to WIU. New employees will receive information about email credentials and access from Human Resources.

Student workers are allowed to use the student account assigned to them for university business during their time of student employment. A separate account may be created for GAs, TAs and RAs handling sensitive information.

Employees who become classified as students during their time of employment (i.e., who take classes after becoming an employee) are permitted to use their official university email for academic purposes, understanding that all other rules within this policy apply.

If an employee terminates their employment for any reason (voluntary or involuntary) while retaining their student status, a new student email account may be created for their academic use. Use of generic email accounts (i.e., email accounts not directly associated/trackable with a named user) is prohibited. Any exceptions must be approved by a department head and the Chief Information Officer.

Disabling of Accounts

All email is the property of Western Illinois University, and the university reserves the right to discontinue email privileges at any time.

When an individual’s affiliation with the university ceases, whether as a result of graduation, retirement, resignation, or any other cause, the individual’s email access will be subject to the following conditions:

  • Employees who retired prior to June 25, 2024 may retain access to their WIU email account provided that their account remains active. Active is defined as logging into the email account via the official Gmail website at least once every 90 days. Such retirees must also complete required annual security training when provided by the university.
  • Employees who retire on June 25, 2024 or after will have their WIU email account disabled on the day of their retirement, except as provided in the “Email Sponsorship” section below.
  • Employees who separate from the university for any reason other than retirement (e.g., termination, resignation, death) will have their WIU email account disabled on their effective day of separation.
  • WIU Alumni will no longer have access to their WIU email account beyond the one-year period following their graduation from the university, except as provided in the “Email Sponsorship” section below.
  • Students on leave from the university but who have not yet graduated will have their email access discontinued after two consecutive semesters of complete non-attendance. Students graduating from the university will have continued access to their WIU email account for one year following their graduation.
Email Sponsorship

Any individual interested in maintaining access to a WIU email account may apply for such access through a sponsorship process coordinated by University Technology.

Appropriate Use and User Responsibility

No data that is classified as “sensitive” in the Sensitive Data Handling Procedures section of the Administrative Procedures Handbook (as defined in the “Definitions” section above) shall be stored in or transmitted via email. See the Administrative Procedures Handbook for further information.

In order to ensure compliance with laws and regulations, including potential Freedom of Information Act (FOIA) requests, employees must utilize only their WIU-provided (@wiu.edu) email account when conducting university business. Personal accounts (e.g., Gmail, Yahoo) should not be used to conduct university business.  

Email use should be limited only to university business or academic purposes. It is the responsibility of individual users to manage and report unwanted email communication. As such, any utilization of email for content that is illegal or otherwise inappropriate is prohibited. 

Prohibited behaviors include, but are not limited to, the following:

  • The generation or facilitation of unsolicited bulk email;
  • Subscription to email lists for personal use;
  • The creation of website accounts for personal purposes utilizing a university email account (e.g., dating websites, gaming websites, shopping websites);
  • The unlawful creation, distribution, or receipt of copyrighted, trademarked, or servicemarked materials;
  • The use of email to violate the legal rights of others or encourage the violation of the legal rights of others;
  • The use of email to violate federal, state or local law or encourage the violation of federal, state or local law;
  • The use of email for any malicious, unlawful, invasive, infringing, defamatory, or fraudulent purpose;
  • Signing up for illegal disreputable, or suspect websites and services;
  • The intentional distribution of malicious software or phishing emails;
  • The sending of insulting or discriminatory messages or content;
  • The intentional alteration, interference with, or circumvention of any aspect of email services;
  • The deliberate distribution or receipt of graphic materials such as pornography, or harassing or violent content;
  • Creating a risk to a person’s safety or health, creating a risk to public safety or health, compromising national security, or interfering with an investigation by law enforcement;
  • The use of email for commercial or business-related purposes that are not part of university business;
  • Using, attempting to use, or impersonating the accounts of others;
  • The collection or using email addresses, screen name information, or other identifiers for anything other than approved university use;
  • The use of email for political activities, specifically supporting the nomination of any person for political office or attempting to influence the vote on any election or referendum on behalf of or under the sponsorship of the university;
  • The forwarding of university emails to personal email accounts where such emails contain data that is protected by the Family Educational Rights and Privacy Act (FERPA), the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), or any other security or privacy-based law or regulation;
  • The downloading of university emails to devices not owned by the university where such emails contain data that is protected by FERPA, HIPAA, GLBA, or any other security or privacy-based law or regulation.

PROCEDURES

Users will be responsible for backing up any wanted data in their email account (and associated Google services) prior to leaving the university.

Users will be responsible for informing contacts of their personal email address prior to leaving the university.

Users will be responsible for being aware of and reporting phishing emails.

Users will utilize the University Announcements System to request bulk email to be sent to specific audiences.

Questions regarding the enforcement of this policy can be addressed to the University Technology Support Center at support@wiu.edu or (309) 298-TECH.

RESPONSIBILITIES (Implementation and Enforcement)

University Technology is responsible for implementing, enforcing, updating, and maintaining this policy.

RESOURCES

Standards