Purpose

Danville Area Community College (DACC) provides email to all authorized students and employees. This is used as an internal and external business communications tool for Students, Faculty and Staff. The email system is intended primarily for business and educational purposes. This policy outlines the acceptable use of the DACC email system. Due to cost and today's security concerns with email systems, email will only be provided while employed or an active student.

Emails are Property of Danville Area Community College

Emails are the property of Danville Area Community College and should not be considered as private property. Danville Area Community College has the right to inspect or read emails if necessary. Although it is allowable to use the email system for personal communications, the email system should not be used for private communications between other personal entities such as banks and credit card companies. For personal business or use, you should use a personal email like Gmail, Yahoo, Comcast, etc. Emails could be included in the event of a Freedom of Information Act (FOIA) request (Board Policy 5003 Freedom of Information.)

Email Guidelines for Students, Faculty and Staff

• Be professional when sending email; be careful what you say to or about others.
• Do not send email which may be offensive to the recipient.
• Do not assume that email is necessarily private to you and the recipient. All emails may be made publicly available via FOIA request.
• DACC strongly discourages using email for personal business, such as for paying bills online, or subscription services.
• Employees should set up a signature that is appended to the end of all outgoing messages. This can be used by others as a checking point for legitimacy.
• When replaying to a group email, limit the use of the "reply to all" options. Use BCC (blind copy) when the option is viable.

Security

• All employees should follow compliance with HIPAA (Health Insurance Portability and Accountability Act), FERPA (Family Educational Rights and Privacy Act) and GLBA (Gramm-Leach-Bliiley Act) for information transmission.
• Attachments
  • When sending attachments, ensure that the content does not include protected personally identifiable information (PPI or PII) such as social security numbers.
  • There are limitations on the size of attachments, if the needed attachments are large, please use other means to grant access to them. Utilize shared drives such as Google Drive.
  • When an email is received, make sure you know where this email was coming from; ensure that it is a trusted source.
• Content
  • Never include personal information social security numbers, birth dates, addresses, etc.) in an email.
  • Never use student names in email subject lines. Use the student’s ID number instead.
• Links
  • Do not click on links in any email unless the email was from a trusted source, can be verified, and was expected.
• Untrusted
  • Emails that have been received from untrusted sources or of questionable content should be reported. This can be done via the browser user interface for Gmail or by forwarding the email to our helpdesk.
• Encrypted Email
  • Danville Area Community College does provide encryption service to limited personnel that require transmission of sensitive information. FERPA rules apply.
• Public Computer Access
  • Be aware that any computer that is used to access your email, should be a trusted private computer and not a public computer such as ones used in public libraries.
  • If a public computer must be used, you should clear the browser's history and cache after use. You should also log off the email system when complete. This would include public use computers on campus.
• Authentication
  • In keeping with industry standards, Danville Area Community College requires multi-factor authentication (MFA) on all student and employee email accounts.

What is Not Allowed

In addition to this policy, please also refer to the Board Policies on Data Governance, Policy (6034).

Inappropriate Email Content

Do not forward or send inappropriate emails. This includes illegal information or content that violates laws or regulations, racist or obscene language or material, or solicitations for products that are not institutionally relevant. If you receive an inappropriate email, contact Human Resources or to report it via the helpdesk.

Retention

• It is the individual that needs to make the determination if an email must be retained.
• It is also appropriate to print an email to be filed in traditional paper format.
• Emails that contain legal, operational evidence of related activities or events, or are of historical value, should be retained.
• Examples of emails to retain include but are not limited to:
  • Invoices
  • Reports, studies, or positional papers
  • Statements or actions on decisions
  • Business transactions
• Please refer to the Board Policy on Retention of College Records, Policy (6032) for retention time.

Consequences of Non-Compliance

• Failure to comply with policies could result in disciplinary actions.
• Non-compliance with HIPAA, FERPA, and GLBA requirements could result in punitive actions.

Termination of Employment / School Academic Attendance

• Students
  • Voluntary
    • Graduation or Withdrawal of classes; no longer attending
      • Student accounts are disabled after six (6) months of inactivity. Inactivity is defined as no longer being a current DACC student.
      • When the account is disabled, any data related to it such as stored emails, cloud storage, and files are permanently deleted. It is the student’s responsibility to transfer files before the account is disabled.
  • Non-Voluntary
    • Immediate termination of email for a student banned from campus upon notification from the Provost or assigned proxy.
• Employees
  • Termination/Resignation
    • Immediate termination of email access upon notification from Human Resources.