Versions Compared

Old Version 2

changes.mady.by.user Kalevi Lehto

Saved on

compared with

New Version 3

changes.mady.by.user Kalevi Lehto

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Table of Contents

1 1    General

In handling electronic documents, the University adapts the principles of privacy of correspondence, protection of privacy and good administrative procedures. The rights of communicating parties shall be protected. The bounds of secrecy and prohibition against exploitation that concern the users are described later in the Act on the Protection of Privacy in Electronic Communications (16.6.2004/516) and in the Act on the Protection of Privacy in Working Life (13.8.2004/759). The rules concerning the bounds of secrecy and prohibition against exploitation are described later in this document and in the General Policy on the Use of Information Systems and the Policy of Information Systems Maintenance.

...

The current regulations for handling e-mail and other policies and rules concerning information security are published in the university announcement portal.

2        2    Definition and Handling of Email Messages and Addresses

2.1         1    Definitions and Scopes of Use

...

The University and its units shall have organizational email addresses for running official business and offering services (e.g. kirjaamo@ metropolia.fi or helpdesk@ metropolia.fi). The services of the University shall be approached primarily using the organizational email addresses instead of the official addresses of individual employees.

2.2         2    Publishing of Email Addresses

...

Email addresses should always be in the form based on the user’s name, both in the settings of the email client and otherwise published.

2.3 3    Handling of Organizational Email Messages

...

Organizational email messages shall be handled in a manner required by the Act on the Openness of Government Activities (621/1999). The Act defines among other things what an official document is, which information in an official document is confidential, and when access to a document can be granted.

2.4 4    Handling of Official Email Messages

...

Official email messages shall be handled in a manner required by the Act on the Openness of Government Activities (621/1999). The Act defines among other things what an official document is, which information in an official document is confidential, and when access to a document can be granted.

2.5 5    Handling of Personal Email Messages

...

It is not allowed to use University mail servers to send chain letters or mass email. The necessity of the University to communicate on a large scale to members of the University community is considered case by case.

2.6 6    Handling of Other Email Messages

...

When using user accounts connected to email accounts outside of the University, use of the same passwords as for University-issued user accounts is not allowed.

3 3    Messages Requiring Special Measures

3.1 1    Restricting Email Messages and Their Attachments

...

The University has also the right to delete messages and attachments containing viruses and other malware. The University is not required to inform the sender of the filtering or deletion of a single message. The filtering is performed automatically in the email system. The users will be informed of these restrictions in the document Instructions for Filtering Email.

3.2 2    Handling of Spam

The University protects its email services and diminishes the problem with spam by filtering messages arriving from servers known to relay spam or messages that are classified as spam on the grounds of the content of their subject line or automated content analysis. The restrictions are implemented in the email service by technical means. The University may also delete the filtered messages on behalf of the user.

...

The user can report disturbing spam to maintenance personnel or the IT support. In practice, the maintenance can only try to intervene in messages sent from Finland.

3.3 3    Handling of Undeliverable Email

...

The responsibilities for sending and returning do not apply to malware messages or spam.

3.4 4    Handling of Email Arriving at an Incorrect Address

...

The duties of sending and returning do not apply to malware messages or spam.

4 4    Handling of Email in Special Situations

4.1 1    Automatic Responses to Messages

It is not recommended to use automatic replies. If, however, an automatic reply is deemed necessary (e.g. long vacations of employees, leave of absence or termination of employment), the automated reply shall advise the original sender to contact primarily the appropriate organizational address.

4.2 2    Termination of Employment or Study Right

...

Before the termination of the user rights, a student is responsible for informing his or her communication partners of the upcoming termination of his or her email account.

4.3 3    Procedural Rules While an Employee is Temporarily Absent

...

When the absence is known in advance, the employee and his or her superior shall take care of the proper handling of the employee’s email. The recommended way is to give the person in charge of the duties during the absence the access to the email by access control lists. (For information on automatic replies, see chapter 4.1.)

...

If the employee has not given another person, accepted by the employer, the consent to access and open the messages belonging to the employer while the employee is absent, or the consent cannot be obtained due to a serious illness, the University President may order the employee’s superior, with the help of the administrator of the mail server, to access and open the above-defined official email messages, while the employee is absent. The reason for accessing and opening the email, persons taking part in it, the time of the procedure and the person or persons having received information of the opened email message have to be documented, and the employee has to be notified without unnecessary delay.

4.4 4    Messages and Mail Boxes Harming or Endangering the Email System

The right of the maintenance of the email system to intervene in the email traffic to ensure the service or security of the email system is prescribed in more detail in the document Administrative Rules of Information Systems.

5 5    Encryption and Verification of an Email Message

...

If official email has been encrypted in such a way that only the receiver can open it, it must be opened immediately after the transfer. If necessary, it can be encrypted again in such a way that it can be accessed also by other persons handling the matter in question. This duty does not apply to malware or spam.

6 6    Monitoring Email Usage and Collecting and Storing Log Information

Instructions on monitoring email usage and collecting and storing log information can be found in the document Administrative Rules of Information Systems.

7 7    Supervision of These Rules

...