Developing a Policy for Managing Email
Table of Contents
Principles and Best Practices
Policy 1: Village of Hidden Valley
Policy 2: Town of Big Thunder
Policy 3: State Office of Administrative Support and Analysis
Appendix: The Legal Framework
1.1 Purpose and intent
Few governments or agencies have focused on email when it comes to policy and program development. Email systems have been implemented at all levels of government throughout New York State to meet immediate business needs, but the smooth operation of these systems has been viewed as a function of information technology (IT) rather than of records management, administration, legal compliance, or internal control. Email is generated by and maintained in a software environment that is not intended for long-term storage. Many users have equated email with a telephone call: ephemeral, private, and exempt from oversight. The truth about email is much different.
Legislative changes and high-profile court cases of the past decade have firmly established that email can be an official record, email can be used as evidence in a court of law, and failure to control email can be very costly. In New York State and elsewhere, state agencies, professional organizations, vendors, and public and private partnerships offer educational programs about how to manage electronic records and email. Organizations have access to a growing range of technological solutions for managing email, as software developers and vendors have increased their efforts to meet a critical business need. Claiming ignorance as an excuse for not implementing an email management program is no longer an option (and legally never was).
This set of guidelines is not an overarching New York State policy on managing email. Rather, these guidelines reflect current principles and best practices for managing email, and are intended as a common starting point for state agencies and local governments to use for formulating their own internal policies on email management. Agencies and governments should adapt the guidelines to meet their own unique needs and capabilities.
Issues regarding email will continue to change, undoubtedly becoming even more complex as our reliance on mobile technologies continues to grow and we stand even more firmly in the electronic world. For these reasons, the State Archives will review these guidelines periodically and update them to ensure they reflect current laws, practice, wisdom, and capabilities. Similarly, all local governments and state agencies must periodically review and update as needed their own email policies and procedures, regarding them as living documents, as dynamic and prone to change as technology itself.
1.2 Structure and contents
As a product of the State Archives, these guidelines as a whole address how records management laws and principles apply to email. The guidelines also highlight email best practices that have recently emerged, many spurred on by legal changes and made possible by advances in technology.
These guidelines are divided into the following sections:
Executive Summary: States the central principles that should guide policy development for managing email.
- Introduction: Provides the intent of these guidelines, a brief outline of how the guidelines are organized, and definitions that are essential for examining the challenges of and strategies for managing email.
- Principles and Best Practices: Discusses best practices that are emerging after a decade or more of email use in the workplace.
- Policy Components: Describes the basic elements to include in any policy for managing email.
- Model Policies: Provides three models that illustrate the management strategies, needs, and capabilities of governments and agencies, from the smallest local government to a large state agency.
Appendix: Provides a short discussion of state and federal laws and regulations relating to records management, especially the management of electronic records (including email).
Sections 1 through 3 and the appendix are intended to give context and meaning to the three model policies, while the three model policies in Section 4 demonstrate the range of strategies available for managing email. The models are not meant to suggest, however, that only three strategies are possible. Future revisions of these guidelines may expand to include actual policies and procedures from model email management programs in New York State.
1.3 Terms and concepts
Managing email over the long term is challenging because of email's essential characteristics. An email originates in an electronic format, but it can also exist in a specific type of computer file or file format. Email tends to reside in a proprietary file format in an email system; although there is interoperability between email software systems, email exists as a file format that is owned and controlled by a single software company and is not necessarily (or easily) exportable to another environment. For these reasons, long-term or permanent emails must be created in or converted to non-proprietary formats for preservation (for example, Extensible Markup Language, or XML, which is explained in Section 3.7, "Preservation").
Most emails conform to an international style format known as RFC 2822, which defines an email as consisting of a header (routing information) and a body (the message), which are separated by a blank line. The body of the message can conclude with a signature block. Saving emails as plain text (ASCII, Unicode) does not necessarily preserve the style format and general appearance of email; additional measures may be needed to display an email as it was originally created.
Metadata refers to any information describing a set of data. Metadata can be viewed in the header of a single email, but for every email there is also a more detailed file profile, also known as a document profile, which is a hidden, associated page of information about that email (see, for example, the "Properties" tab in a GroupWise email). Metadata provides the context for an email (sender; recipients; dates transmitted, opened, deleted), identifies the email's subject content and software environment, and indicates any modifications that were made after the initial transmission. For these reasons, the continuing association of metadata with its email message is essential for ensuring the long-term accessibility and legal admissibility of a message.
An attachment is an electronic file that is associated, sent, and received along with an email message. Attachments may be text documents, graphics, spreadsheets, video and audio files, webpages, and compressed or encoded files. The number of possible file formats attached to an email is essentially as unlimited as the number of formats that currently exist. Again, for preservation, access, and legal purposes it is essential that the attachment continues to be associated and retrievable with the original email message, as well as with all metadata for the message and the attachment.
Discovery refers to the compulsory disclosure of documents that may be relevant to a legal inquiry. E-discovery involves records in electronic format, and emails are discoverable because they can be-and routinely are-the focus of an e-discovery action. The courts have increasingly emphasized the importance of having a records management program that is regulated by policy, and that policy must extend to managing email, for both electronic discovery and record admissibility purposes.