We work in a complex information technology environment requiring communication related to both confidential and public data. New technologies offer the College methods to make this communication easier between students, staff, departments, other colleges, and the world. The College’s e-mail system is Exchange/Outlook, which also provides web mail access.

All current faculty, staff and students of Pomona College have accounts on the College e-mail system. Guest accounts maybe granted with the approval of the responsible Vice President of the College and the Executive Director of ITS (See conditions for “guest accounts” listed below).

With this communication network, vulnerabilities to the privacy of electronic messages possibly containing confidential or proprietary material arise. College electronic mail users need to be aware of the vulnerabilities in electronic mail communication and of the legal responsibilities that accompany the use of this medium.

These guidelines:

  1. Define who may use the electronic mail system controlled and administered by Pomona College (the College).
  2. Outline responsibilities related to electronic mail maintenance and use.
  3. Provide guidelines for the security and confidentiality of College electronic mail.

These guidelines apply to all electronic mail (e-mail) created, sent or maintained within, administered by or networked to the electronic mail systems of the College or any machine connected to the Pomona College network as well as to all users of the College e-mail system.

Responsibilities

Electronic Mail Administrators

Electronic Mail Administrators are responsible for:

  1. Providing a secure stable, reliable e-mail system.
  2. Ensuring that a security plan for the e-mail system for which they are responsible, has been developed, implemented and is maintained. The security plan should include an analysis of the need for message encryption.
  3. Ensuring that a backup plan to allow for message/system recovery in the event of a disaster has been developed, tested and implemented.
  4. Periodically assessing the level of risk within the e-mail system.
  5. Ensuring that appropriate steps are taken to prevent a system break-in or intrusion through the electronic mail application.
  6. Providing information regarding electronic mail vulnerabilities to e-mail users so that they may make informed decisions regarding how to use the system.
  7. Ensuring that upon notification all electronic mail ids for individuals with e-mail accounts on the College system have been deleted when: an authorized user has terminated employment, graduated or withdrawn from the College, and when a “courtesy account” is inactive or no longer needed.

Information Technology Services will ensure that employees responsible for maintaining, repairing and developing e-mail resources will exercise special care and access e-mail messages only as required to perform their job function. These employees will not discuss or divulge the contents of individual e-mail messages viewed during maintenance and trouble-shooting.

Electronic Mail Users

College E-mail Users are responsible for:

  1. Using e-mail in a responsible manner consistent with other business communications (e.g., phone, hard copy correspondence).
  2. Safeguarding the integrity, accuracy and confidentiality of College electronic mail.
  3. Only using mail ids assigned to them.
  4. Removing mail from their mailbox consistent with any retention policies that may be established by the College or department.

College e-mail users are responsible for NOT:

  1. Sending any unsolicited mail or materials that are of a fraudulent, defamatory, harassing, or threatening nature.
  2. Posting materials that violate existing laws or College codes of conduct, are inconsistent with the College mission, or are commercial advertisements.
  3. Forwarding any other form of unnecessary mass mailing (such as chain letters) to College or external e-mail users.
  4. Using their e-mail access to unlawfully solicit or exchange copies of copyrighted software.

Security And Confidentiality Standards

  1. The College considers electronic mail messages the personal, confidential business of the sender and/or receiver. Although the messages are considered the personal business of the sender and/or receiver these messages are stored on College computer systems and the College may need to access or act upon specific messages as part of its responsibility for maintaining the College’s technology infrastructure.
  2. Privacy is not inherent on any electronic mail system, especially one connected to the Internet.
  3. The College will not monitor the content of electronic documents or messages without cause; however, the privacy of documents and messages stored in electronic media cannot be guaranteed under all circumstances. Electronic documents and messages may be readable to ITS maintenance, security and troubleshooting staff while performing their job functions. Such access occurs only when a problem in the software or network arises. Additionally electronic mail may pass out of one computer environment, across a network, and into another totally different computer environment. This transport becomes increasingly complicated as mail travels between departments, institutions, states, or nations. The level of security over your message is affected each time the computer hardware, software and environment changes. Untraceable leaks may occur.
  4. If there is an ongoing College investigation for alleged misconduct or violation of the law, the College may authorize that electronic mail or files may be locked or copied to prevent destruction and loss of information. Additionally, the College may examine or transfer the content of electronic documents and messages, or access e-mail backups or archives as a result of legal discovery, writ, warrant, subpoena, or when there is a threat to the College’s computer system’s integrity or security.
  5. The confidentiality of the contents of e-mail messages that include certain types of information (e.g., student related, medical, personal) may be protected by the Family Educational Rights and Privacy Act of 1974 (as amended) and/or the Electronic Communications Privacy Act of 1986.
  6. The authenticity of an e-mail message cannot be assured due to the state of present e-mail technology. This means that the authorship or source of an e-mail message may not be as indicated in the message.

Use Standards

  1. Pomona College considers the College’s e-mail system and the respectively assigned employee or student official Pomona College e-mail address, i.e. username@pomona.edu, along with the United States Postal Service, to be official means of communication. The College will consider employees and students to be duly informed and in receipt of notifications and correspondences sent by a college administrator, staff or faculty delivered to an employee’s or student’s college e-mail account. It is recommended that employees and students frequently access their college assigned e-mail account for official information. An individual may choose to have his/her username@pomona.edu official e-mail account forwarded to an off-campus account. Such individuals, however, are responsible for managing their Pomona e-mail box such that there is room for new mail to arrive and for forwarding their Pomona e-mail account to a functioning alternative e-mail address. The College is not responsible for delivery problems to any non-official e-mail accounts.
  2. Individuals are prohibited from using an electronic mail account assigned to another individual to either send or receive messages. If it is necessary to read another individual’s mail (e.g., while they are on vacation, on leave, etc.), the owner of the account should contact the e-mail administrator regarding the procedures for setting up a forwarding rule.
  3. College employees are encouraged to use these communications resources to share knowledge and information in furtherance of the College’s missions of instruction, research, and public service. Occasional and incidental social communications using electronic mail are not prohibited, however such messages should be limited and not interfere with an employees’ job function.
  4. Individuals with e-mail accounts on College computer systems are prohibited from sending messages which: violate existing laws, or College codes of conduct or policies; are inconsistent with the College mission; or are advertisements or announcements for a commercial business.
  5. Authorized users should not “rebroadcast” information about significant issues obtained from another individual that the individuals reasonably expected to be confidential.
  6. Authorized users are prohibited from sending, posting or, publicly displaying or printing unsolicited mail or material that is of a fraudulent, defamatory, harassing, abusive, obscene or threatening nature on any College system. The sending of such messages/materials will be handled according to current College codes of conduct or policies and procedures.
  7. The College accepts no responsibility for the content of electronic mail received. If an individual receives electronic mail that they consider harassing, threatening or offensive, they may contact the appropriate College Office for assistance with information on steps they may take to deal with such messages.
  8. Federal and state laws, as well as College policies against racism, sexism and sexual harassment exist. Additionally, the College has special concern for incidents in which individuals are subject to harassment or threat because of membership in a particular racial, religious, gender or sexual orientation group. Use of the College’s e-mail system to engage in any such activity is expressly forbidden.

Email Quota Policy

Each account holder is provided with a personal e-mail mailbox. The disk quota on e-mail boxes for each category of user is as follows:

Student Email Quota: 5Gb

Faculty/Staff Email Quota: 250 GB. Email for faculty and staff is archived off the email server on a regular basis, leaving only header information. Faculty and staff can click on this information to retrieve the email.

Backup Policy

Backup copies of systems containing e-mail messages will be retained for a period of time not to exceed three months.

Guest E-mail Accounts

Following are the conditions under which a guest e-mail account may be granted on the Pomona e-mail system:

  1. Non-employees who “live” on-campus
  2. Temporary employees of the College
  3. Individuals with temporary assignments on behalf of the College
  4. Individuals on leave-of-absence from one of these categories
  5. Individuals for whom the courtesy of an account is extended for a period of time (up to 3 months) after their qualification under one of the above situations ends.