Naropa University Email Policy

Modified on Tue, Dec 6, 2022 at 10:43 AM

The purpose of this policy is to describe the appropriate use of Naropa University email and details all associated responsibilities required by users.

Statement of Policy

Policy Coverage:

This email policy covers all uses and users of Naropa.edu email accounts and facilities, hereafter referred to as University Email. By utilizing University Email, users consent to all provisions of this policy and agree to comply with all of the terms and conditions set forth herein, as well as all other applicable University policies, regulations, and procedures, and with applicable local, state, and federal laws and regulations.

Users of University Email, whose actions violate this policy or any other University policy or regulation, may be subject to revocation or limitation of email privileges as well as other disciplinary actions and/or may be referred to appropriate external authorities.

Requirement:

Naropa.edu email (and the use of that email) is required for all staff, faculty (core and adjunct), and instructors. If a graduate assistant, workstudy, and/or temporary employee will be corresponding via email in a work capacity, a Naropa.edu email account is then required. Personal and/or Naropa student email addresses are not allowed for business correspondence.

Email Naming:
Upon hiring or enrollment, all Naropa staff, faculty, student and other entities will be assigned a Naropa email address (in as truncated a fashion as possible, due to Windows character restrictions) indicating an individual's first initial and legal last name. Nicknames or preferred names are not indicated through the address (though they can be applied to the cosmetic display name at IT's discretion).

Departmental Work Studies, Graduate Assistants and Academic Support will be given an abbreviated prefix to their email account that indicates their role and/or department they are associated with.

Email Name Changes:
Naropa email addresses cannot be changed without Registrar or Human Resources approval and must still meet all legal name requirements. Changed accounts are required to keep an alias (or legacy address) of the previous account for the duration of use, to main contact consistency.

Name change requests, which are NOT legal name changes, and which affect the email address of your account will be possible after August of 2020. Please submit a New IT Ticket to initiate this process at anytime by emailing helpdesk@naropa.edu.

Naropa University and the IT Department are able to accommodate reasonable account name change and email change requests based on gender transitions and the actual name you go by. You may only request a name change every 180 days.

Access to Email:

Naropa University provides university email for legitimate University-related activities to faculty, students, staff, and other entities. All staff and faculty are required to possess a naropa.edu account for contact and Naropa business-related concerns, and to check this account frequently.

Outlook Web Access has been provided by Naropa University to allow staff and faculty access to their email via their web browser. All policies and agreements herein also apply to Naropa Outlook Web Access, also referred to as Naropa Webmail.

User Responsibilities/Naropa Responsibilities:

Naropa IT provides creation, management, and distribution of all University Email Accounts. Staff members & faculty are required to activate and utilize their Naropa issued Email Account once it has been created.

Naropa's Information Technology Department is the owner and administrator of centralized email and directory information for all Naropa campuses and locations.

Users are expected to read, and shall be presumed to have received and read, all official Naropa University email messages sent to their Naropa University Email Accounts.

Users are not allowed to redirect or automatically forward (via email rule or other function) their Naropa.edu email to any non-Naropa email address. Naropa employees (incl staff and faculty) are forbidden from giving out a non-Naropa email address to any student as their Naropa contact address. When acting in an official capacity as a student or employee of Naropa University, you must use your Naropa.edu email address exclusively. Disregarding this policy may result in disciplinary action.

Use of Email for University Business:

A Naropa University Email Account shall be considered an official means for communicating University business, and may, in some cases, be the sole means of communication. Because the contents of such email are subject to laws governing public records, users will need to exercise judgment in sending content that may be deemed confidential. Furthermore, email transmissions may not always be secure, and contents that are expected to remain confidential should not be communicated via email if concern for the content's security is of the highest import.

All incoming and outgoing mail is backed up as a matter of university & legal record.

Deans, vice presidents, and their appointees may send broad-based Messages relating to University business without any prior approval. The author of any business messages, however, assumes responsibility for assuring that messages do not violate any University policies, regulations, or procedures. Disclaimers of confidentiality included in email messages do not protect the sender if confidential information is shared or disclosed inappropriately.

Acceptable/Unacceptable Use:

Naropa provides university email for activities and associated administrative functions supporting its mission of academic excellence, contemplative insight and wisdom. Although modest personal use of University email is allowed, University Email should be used for University-related educational and administrative purposes. Any use of University Email that interferes with University activities and functions or does not respect the image and reputation of Naropa University is considered improper use.

Policies and regulations that apply to other forms of communications at the University also apply to electronic mail.
In addition, the following specific actions and uses of University Email are considered improper and in violation of permitted use:

Concealment or misrepresentation of names or affiliations in email messages.
Alteration of source or destination address of email.
Use of email for commercial or private business purposes that have not been approved by Naropa University.
Use of email to harass or threaten other individuals.
Use of email that degrades or demeans other individuals.

Privacy:

All electronic mail sent to and/or from naropa.edu and students.naropa.edu accounts and addresses, including any and all attached files, are the sole property of Naropa University. No assurance of personal privacy of this email is offered or implied.

Naropa University does not monitor the content of electronic mail as a routine procedure. The University (and the IT Department as proxy) does reserve the right to inspect, copy, store, or disclose the contents of electronic mail messages as needed, but will do so only when it believes these actions are appropriate to: prevent or correct improper use of University Email; ensure compliance with University policies, procedures, or regulations; satisfy a legal obligation; or ensure the proper operations of University Email or our data network as a whole.

Naropa Mailing Lists/Listserv:
Staff and faculty mailing lists are for:

The communication and business affairs of the Naropa Community
Emergency and urgent campus related matters

University email policy applies to all university mailing lists. Moderation of messages for Naropa Mailing lists will be required by Naropa staff and faculty. Announcements and events of Naropa Community members associated with Naropa sponsored events, (E.g. art shows, performances, on/off campus events) need to be sent one week in advance to events@naropa.edu for posting to the list. Announcements and events are not to be posted directly to the staff/corefaculty/adjunct faculty lists with the exception of announcements from the President.

Only people who are members of a list serve can send to that list serve (E.g. Faculty cannot send to the staff list and staff cannot send the faculty list, unless they are a member of both lists or they request that the moderator of the list(s) to allow it through for them).

E-Mail Retention and Disposal:

Email stored on the Naropa's mail server will generally be preserved for no longer than 15 days after deletion from a mailbox. Log files associated with email messages which provide a record of actual email transactions, but not the email content, are generally preserved for no longer than 90 days.

All Naropa email is automatically archived to a dedicated archive appliance by the Information Technology department for discovery and compliance purposes. Archived email is retained for a minimum of 7 years.

Email correspondence and associated documents sent as attachments may be considered official University records, and, as such, may need to be retained longer than the established policy guidelines for email retention and disposal.

Disclaimer:

The University makes no warranties of any kind, whether expressed or implied, with respect to the University Email Facilities it provides. The University will not be responsible for damages resulting from the use of University Email, including, but not limited to, loss of data resulting from delays, non-deliveries, missed deliveries, service interruptions caused by the negligence of a University employee, or by the User's error or omissions. The University specifically denies any responsibility for the accuracy or quality of information obtained through University Email, except material represented as an official University record.

While email is often expected to function as a real-time communication method, in reality email does not function in that way. Email messages (inbound or outbound) can be delayed for minutes, hours, sometimes even days.

Policy Under Development:

As you are all aware, it's important not to send or request sensitive information (social security numbers, bank account details, etc) via email (either in the body or via attachments). However, if necessary, please use email encryption to send or request sensitive information. Instructions are below.

Please note: this protocol and requirement will be codified through our current policy-making initiative as curated through our upcoming IT Governance launch.

Notes on sending sensitive information via email:

email can be intercepted and the contents used as components of identity fraud or check fraud (printed or ACH)
emails can sit on poorly protected external servers at other companies and be subject to breach and contents sold to bad actors
keep in mind that even if it feels like a single piece of information would not create a risk, bad actors are very clever at cobbling together information to effect compromise
sensitive information is classified differently by different regulatory and advisory bodies. Naropa is updating our internal data classification standards through governance procedures. If you are not sure, please encrypt.
One hard and fast rule: do not request or send credit card data via email, encrypted or not. Also, it should not be captured in any form other than through payment/donation processing services (almabase/touchnet/self-service payment gateway, square, etc). This means don't store in One-Drive, Y drive, or on scratch paper.

Email Encryption Instructions:

You can navigate through MyNaropa to find the encryption instructions as follows.

Access MyNaropa
Click on IT Help Desk
In the Email section, click Encrypt Email

Or you can use this link:

https://helpdesk.naropa.edu/a/solutions/articles/60000713160

**Remember to only use links in emails if you are 100% sure that the email is from a trusted source.?

Feel free to email helpdesk@naropa.edu if you need help with encryption.