Responsible Executive Authority
To increase employee awareness of communication protocols that respect student and employee privacy, prevent the disclosure of sensitive information, adhere to applicable law, and establish email as the official internal communications medium of the college.
To respect student and employee privacy, and adhere to privacy, data retention, and other applicable laws, Lane employees must have knowledge of policies, procedures and legal issues that govern employee practices when communicating college business.
In Oregon, every person has a right to inspect any public record of a public body in this state, except where explicitly excluded by Oregon’s public records law. (ORS 192.501 to 192.505). These public records consist of any writing pertaining to the public’s business, regardless of when the writing is written, to whom or where the writing is stored. This includes anything done on college computers, and also includes all college business, including files and emails, stored or sent on personal computers or devices. Regarding email, this includes spam, advertisements, and personal emails sent on college computers or through college provided email. Any employees affected by a public records request at Lane will be notified in accordance with employment contracts. Remember that your college email is never private.
There are additional requirements based on state regulations that govern retention of public records. Communications with retention requirements should occur only in forms that can be retained for the required time period. For example, correspondence related to developing and/or providing an employee in-service or training has a five-year retention requirement (records retention schedule part 166-450-0090(13)). This means that if you are discussing training or in-service committee work in a chat program, and that chat program does not retain a history of messages for at least five years, the committee’s conversation may not happen via that chat application. Employees are encouraged to review the appropriate records retention schedule or consult with the college archivist.
Any college business conducted via a personal account or device may be subjecting that account or device to a legal discovery request and/or may be creating a privacy issue that violates federal FERPA requirements. Consider this scenario: John Doe, an instructor at Lane with the email address email@example.com, automatically forwards email to his personal address (firstname.lastname@example.org). A student emails the instructor specific questions about her last test grade, and includes personally identifiable information so that the instructor can contact her. In this situation, John has potentially created a FERPA violation by forwarding that email to his example.com account, since he has provided protected information to a third party who can now read that email. Additionally, since John’s example.com email address has been used to conduct public business, John’s personal email and devices are now discoverable in a lawsuit and he may need to produce emails from his personal account in response to a public records request.
Employee Communication requirements
- Organizational units that manage their own digital communications are expected to ensure that their digital records adhere to retention, access, and privacy laws.
- Employees are expected to check their email on a regular basis in order to stay current with college-related communications. Managers will provide computer access to employees whose positions do not provide them with regular access to a computer, as well as a reasonable amount of time to use the computer provided for the purpose of checking their email.
- Email is an important method for communicating with students. It communicates with its appearance as well as its message. Identifiers such as signatures should include standard information such as name, position, and college name, and should not contain disclaimers of any kind. Employees may wish to consult the College Graphic Standards for examples.
- In the interest of institutional integrity, professionalism, privacy, and adherence to applicable law and Board policy, employees are expected to:
- communicate in a way that protects the privacy of student information and educational records (FERPA);
- refrain from communicating private student or employee information via text message;
- refrain from using personal email accounts to conduct college business;
- not use college email, phones, or other communication mediums for commercial, religious, or political mailings, except as allowed in employment contracts;
- not use college communication systems for personal gain; except as allowed under government ethics laws;
- check and respond to emails warranting a response with a frequency and regularity commensurate with your position at the college.
- Recognize that emails sent to large groups can sometimes result in multiple replies sent via "Reply All," and that this can cause inconvenience or even difficulty for some members of the college community. Employees should consider using the BCC field for messages sent to large groups. In the academic tradition of free and open discussion, employees using the BCC field for large group mailings are expected to include a statement that identifies the recipient groups (e.g. division faculty, department staff, manager group, etc.).