Dakota State University students walking around campus

Preparation + opportunity = success

That's the DSU equation. We're a four-year university with nationally recognized programs, cutting-edge facilities, and the brightest thinkers. But we're also a tight-knit, inclusive community. Small class sizes mean hands-on training and individualized attention. All this with an affordable, public school price that's among the best values in the region.

Read More

Email Usage

Approved by: PRESIDENT
Responsible Officer: Cheif Information Officer
Responsible Office: Information technology services
Originally Issued: 06/04/2013
Last Revision: 02/22/2021
Category: Technology
Related Policy
SDBOR Acceptable Use of Information Technology Systems 7:1
SDBOR Security of Information Technology Systems
SDBOR Personally Identifiable Information
SDBOR Student Email Accounts
DSU Export Controls
Privacy of School Records DSU Admissions Policy
Family Educational Rights and Privacy Act (FERPA)

I. REASON FOR THIS POLICY

Within the scope of its exchange of research and technology, Dakota State University fully commits to compliance with United States export control and trade regulations that govern exports or access to certain information or technologies, or services by foreign persons inside the United States. These laws and regulations are currently administered by various Federal agencies, chief among them the departments of Commerce, State, and Treasury and impact a wide range of university functions, including human resources, student affairs, international affairs, purchasing and procurement, international travel, information technologies, technology transfer, and research.

II. Definitions

  1. Campus Community Faculty, staff, students, and other affiliated classes of individuals (e.g., alumni).
  2. CIO. Chief Information Officer.
  3. Mass Email Communication. The act of sending one email campaign to a large group at once (e.g. newsletters, updates, invitations).
  4. Distribution List. A collection of contacts identified for a specific communication purpose which is generally temporary and changes with membership.
  5. ITS.Information Technology Services. Department responsible for information technology at DSU.
  6. Official Communication. Any communication sanctioned by DSU that includes content related to matters concerning student and employee interaction with the University.
  7. Primary Email Address.The University email address is the address from which, and to which, University business-related email is to be sent and received.
  8. Secondary Email Address.A personal, or alternate, email address different from a Primary Email Address. This address is specified in Banner and/or during setup of a user’s Primary Email Address (DSU Network Account).
  9. Users. Faculty, Staff, Students, Emeritus, Alumni, and Third-Party Vendor or Affiliates.

III. STATEMENT OF POLICY

    1. Email as an Official Means of Communication. Email is an official means of communication at DSU. Faculty and staff shall use DSU email for all DSU official mail correspondence (e.g. student clubs/organizations, course requirements, tuition billing).
    2. Ownership of Email Data. DSU email, wherever it be stored or transmitted, belongs to the University, may be audited by the University at any time, and is subject to disclosure to a third party, including authorized law enforcement personnel. Subject to underlying copyright and other intellectual property rights under applicable law and University policies, the University also owns data transmitted or stored using DSU email accounts.
    3. Email Account Creation. ITS shall create official email accounts for members of the campus community.
    4. Appropriate Use of Email Communications.
      1. Email communications shall comply with relevant federal and state laws, as well as SDBOR and DSU policies, including those governing public computing resources, security considerations, and ethics in computing.
      2. Email shall not be the sole method for notification where another method of communication is required by law.
      3. Faculty may use Learning Management System email to communicate with students if needed.
      4. Users may use DSU email mass distribution lists when authorized to do so.
    5. Prohibited Use of Email Communications. Unacceptable use of DSU email shall include, but is not limited to, the following, and may result in disciplinary action dependent upon the nature of the violation. Users shall not:
      1. Send email when another method of communication is required by law.
      2. Initiate communication using third-party Email services (e.g., Gmail, Microsoft) for class-related and club-related communications that violate FERPA. Where possible, all DSU-related communications shall be done via the DSU Email system.
      3. Use external mass email communication tools (e.g., MailChimp) unless approved by ITS or the President’s Cabinet.
      4. Distribute email messages in such quantity that they negatively impact the day-to-day campus operations and/or individuals receiving such emails.
      5. Intercept, monitor, or otherwise conduct surveillance of e-mail, whether live or stored, of others, unless authorized to do so by the CIO and the appropriate VP or the President.
      6. Distribute fraudulent, libelous, slanderous, harassing, threatening, lewd, or other tortious email communications.
      7. Sell, rent, or share email accounts and passwords with any other person, including, but not limited to, co-workers, friends, family, roommates, supervisors, technical staff, and vendors.
      8. Introduce computer viruses/spam or phishing attacks.
      9. Distribute email communications in a manner that discriminates against individuals because of their gender, ethnicity, sexual orientation, religion, or socio-economic status.
      10. State or imply in an email that the sender represents or speaks on behalf of DSU or any organizational element of the University unless authorized to do so by University administration.
      11. Distribute or exchange obscene material unless previously authorized for bona fide instructional or research purposes.
      12. Use DSU email communications for partisan political purposes, or where the message could be reasonably construed as expressing the position of the DSU itself.
      13. Use DSU email communications for the purpose of benefitting any sectarian or religious society or institution.
      14. Use DSU email communications for advertising, solicitations or promotions, or other private commercial purposes, including personal purposes, expect as permitted under Board policy or with the appropriate approval.
      15. Send communications through DSU-created distribution lists or bulk email without specific authorizations.
      16. Send unsolicited or spam email.
      17. Use DSU email for a personal business operation, personal commercial purposes, or for personal financial or other gain unless the work occurs within the scope of their employment officially representing the University, (e.g., through grants, partnerships, publications, presentation requests, training requests, representing self/group as DSU-employed).
      18. Use DSU email to transmit materials in a manner which violates copyright laws.
    6. Email Retention and Disposal. Users shall not store more than the limits assigned by ITS.
    7. Email Security.
      1. Public Directory Information. A student’s email address shall not be listed in public directory information (FERPA).
      2. Export Controls. DSU users shall be responsible for determining whether data transmitted via email is export controlled and, if so, whether if may be sent in email and/or otherwise transmitted and stored in accordance with federal export control laws and regulations. (See DSU Export Controls Policy 11.1)
      3. Unauthorized Use of Accounts. DSU users shall implement reasonable steps including, but not limited to, the following to prevent unauthorized use of their accounts.
        1. Not sharing Passwords.
        2. Not using their DSU email address and password, nor their username and password, as the credentials to access 3rd-party online services or website, unless required by ITS.
        3. Not sending passwords by email.
        4. Not sending sensitive information, as identified by ITS.
        5. Not posting passwords in any public area.
        6. Reporting any suspected unauthorized use or their accounts.
    8. Administrative Email Monitoring. DSU’s electronic monitoring of the email system to manage risk shall include, but is not limited to, the following:
      1. Scanning for malicious content (e.g., viruses, spam, phishing attacks.)
      2. Bandwidth management.
      3. System upgrades.
      4. University protection.
      5. Employee protection.
      6. Student protections
      7. Information disclosure as necessary to satisfy legal, regulatory, or other governmental requests.
      8. Employee or student account monitoring authorized by the CIO and the appropriate Vice President or the President.
    9. Email Usage Training/Awareness. ITS shall provide the campus community training about email communications to include, but not limited to, appropriate use and inappropriate use.
    10. Email All-Users Responsibilities.
      1. Users shall activate and use official DSU email.
      2. Users shall check their official DSU email on a frequent and consistent basis to remain informed of University communications, as certain communications may be time sensitive.
      3. Users who fail to check their official DSU email on a regular basis are responsible for any resulting consequences.
      4. Users shall read and respond to emails in a timely manner.
      5. Users shall take reasonable precautions to maintain email security.
      6. Users shall not enable or setup the automatic forwarding of messages to systems outside of the DSU email system (e.g., Gmail, Microsoft).
      7. Users shall not forward DSU proprietary business information outside the DSU email system for nonwork-related purposes.
    11. Email Access Restriction.
      1. ITS shall disable a user’s email account if evidence exist that indicates the account has been compromised.
      2. ITS shall deny access to all or part of the system without notice if a user engages in any conduct or activity that is in violation of DSU, BOR, or federal regulations.
    12. Email Priviledges.
      1. Students Who Have Graduated or No Longer Enrolled at DSU. Shall maintain access to their email accounts as long as it is still active and regularly accessed pursuant to ITS specifications.
      2. Employees Who Retire, Resign, or Are Terminated. Shall lose access after their last date of employment.
      3. Emeritus Faculty. May request to keep their email account pursuant to ITS specifications.
    13. Notification to Secondary Email Address. DSU systems and approved employees reserve the right to contact users via their Secondary Email Address if needed.
    14. Mass Email Communication.
      1. The ability to send the following mass email distribution lists shall be limited to these employees/groups unless authorized by President’s Cabinet.
        1. All Student Distribution List: Members of President’s Cabinet
        2. All Faculty Distribution List: Members of President’s Cabinet, College Deans, and General Faculty Leadership.
        3. All Staff Distribution List: Members of President’s Cabinet.
      2. “Sub-category” distribution lists shall not be used with the intent to create a mass distribution list as identified in N.1. Sub-category distribution lists shall be limited to specific groups for a defined purpose for that group unless authorized to do so.
    15. Violations of Email Communications Policy.
      1. DSU shall immediately disable and reset the password for any DSU user whose password has been shared with others, or reasonable evidence exists that it may have been shared, unless the user is working with the ITS Support Desk.
      2. DSU will notify the supervisor of an employee involved in a password violation.
      3. Violations of this policy resulting in the misuse of, unauthorized access to, or unauthorized disclosure or distribution of personally identifiable data may subject individuals to legal or disciplinary actions, up to and including the termination of employment, or contract with DSU, or in the case of students, suspension or expulsion.

Exclusions
None

Exceptions
None

IV PROCEDURES (MAJOR)

  1. Assignment of Primary Email Addresses.Assignment of Primary Email Addresses. Information Technology Services (ITS) shall assign each enrolled students and campus employee a primary email address.
  2. Compromised Email Account or Unsolicited Email Violations.ITS shall immediately disable any DSU email accounts found to be sending phishing messages, spam, or unsolicited emails.
  3. Email Monitoring Requests.
    1. If DSU needs to monitor an employee or student account, the CIO and appropriate Vice President or the President shall provide authorization to do so.
    2. The Vice President or President shall complete an email monitoring request form and submit it to the CIO.
    3. ITS will gather the requested information, provided it is available and accessible in the system and submit a report to the requesting administrator.
  4. Complaints. Users shall direct email communications complaints to the Chief Information Officer (CIO) or the ITS Support Desk.

V. RELATED DOCUMENTS, FORMS, AND TOOLS

Family Educational Rights and Privacy (FERPA)

Standards for Privacy of Individually identifiable Health Information (HIPPA Privacy Rule)

Contact ITS for the following:

  • Distribution list permissions
  • Email monitoring request process
  • Email compliant process
  • Sensitive Information List (Will include link to TDX article)

VI. POLICY HISTORY

Issued: 06/04/2013

Last Revision: 02/22/2021