24. HealthSafe Email Usage Policy



EMAIL USAGE POLICY



Document Identification 

HSNZ/POL/24

Document Name

Email Usage Policy

Master Copy

CISO

Version Number

1.3

Date Of Release 

15 Aug 2023

Prepared By

Eparama Tuibenau

CISO

Approved by

Kevin McAfee

Managing Director


 

VERSION HISTORY


Sl No

Version No.

Prepared by

Approved by

Description of Version

Date

Reason for Version Change

From

To

1

1.0

-

CISO

MD

First Release

14 Apr 2020 

No changes made

1

1.0

1.1

CISO

MD

Updated

23 July 2021 

Modifications due to changes in HealthSafe

1

1.1

1.2

CISO

MD

Reviewed

28 July 2022 

Annual review

1

1.2

1.3

CISO

MD

Reviewed

15 Aug 2023

Annual review


DOCUMENT STATUS


Date

Document Status

14 Apr 2020

Modified

23 Jul 2021

Reviewed

28 Jul 2022

Reviewed

15 Aug 2023

Current


Table of Contents

1 Purpose


2 Scope


3 Input


4 Output


5 Interacting Process


6 Abbreviations, Acronyms and Definitions


7 Procedure


8 Monitoring the Process


9 Records



  1. PURPOSE
    The purpose of this document is to establish and maintain a policy for Email usage policy for HealthSafe.

  2. SCOPE
    These procedures apply to all aspects of Email usage.

  3. ABBREVIATIONS, ACRONYMS AND DEFINITIONS

Abbreviation

Description

IT

Information Technology Department

TL

Team Lead

CISO

Chief Information Security Officer

CIA

Confidentiality Integrity Availability


4 INPUT

The privilege and controlled method of usage to ensure the CIA has not been affected


5 OUTPUT

Privileges given to each and every user by the management according to their operation and business need

6 INTERACTING PROCESS

Functional Head


7 PROCEDURE

Email

  • The email facility, either official or public accessible through HealthSafe infrastructure should be used for legitimate official company work purposes only.  
  • Company email account shall not be used for the creation and distribution of any illegal or wrongful or offensive emails about race, gender, age, sexual orientation, pornography, religious or political beliefs, national origin or disability
  • Sending chain letters or joke emails from the HealthSafe email account is prohibited. 
  • Company email must not be used for online registrations unless the online platform is used for work purposes.
  • Email must not be used for generation of unsolicited commercial email or SPAM.  Internal generation or origination of such content will result in disciplinary action.
  • Sending mass emails will be permitted only to authorised personnel and others should get approval from HealthSafe Management before sending. 
  • Executable files require signoff from IT Manager before being released. In no circumstances is blocked content containing malicious text to be released.
  • Employees must use extreme caution when opening email attachments received from unknown senders, which may contain viruses, email bombs, or Trojan horse code.
  • Email to and from HealthSafe is scanned for inappropriate content and reported accordingly. Where content is blocked, the sender would be notified via email. 
  • Where the sender is external, the internal recipient and IT Manager is notified of the blocked message. Where the sender is internal, the sender and IT Manager is notified of the blocked message.
  • Blocked content must not be released unless required for business purposes.  Content must be confirmed to be clear of all known malicious code before being released. 
  • HealthSafe employees shall have no expectation of privacy in anything they store, send or receive on the company’s email system. HealthSafe may monitor messages without prior notice.  HealthSafe is not obliged to monitor email messages.
  • All outgoing emails from HealthSafe must contain following signature and disclaimer notice:

 

First name Last name

Position

Mobile number

e: support@healthsafe.co  |  w: www.healthsafe.co  |  p: (0800) 357-242

The information contained in this email including attachments is confidential in nature and may not be disclosed without prior written consent from Health Safe NZ Limited. All intellectual property rights, including copyright and the HealthSafe and SecurePass Trademarks, are owned by HealthSafe NZ Limited. © 2022.

This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify HealthSafe NZ. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.




8 MONITORING THE PROCESS

This process is monitored by the IT on emails and their usages


9 RECORDS

Google Workspace Logs