Re: Confidentiality Statement: Emails

["Basgen, Brian" <bbasgen () PIMA EDU>]

 E-mail confidentiality statements are deserving of critique, but it is certainly reasonable to state within some 
e-mails that the content is confidential, etc. The label/statement has to be relevant to the content of the message, 
otherwise the label loses its meaning.

 Rob: what does your institution want to achieve with respect to e-mail confidentiality?

~~~~~~~~~~~~~~~~~~
Brian Basgen
Information Security
Pima Community College
Office: 520-206-4873

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Kevin 
Shalla
Sent: Thursday, May 21, 2009 9:01 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Confidentiality Statement: Emails

I'm guessing that there is absolutely no bite in any statement of this sort, and so would just be a waste of disk space 
and network bandwidth.  If you created a postcard with some confidential information on it, then addressed it 
incorrectly, but had this message in it, would the post office workers and the unintended recipient be bound to follow 
its instructions?

Are there any lawyers out there who can speak to this?

At 10:33 AM 5/21/2009, CBELL1 wrote:

Rob,

Here are two examples of confidentiality statements used within our university:

This e-mail, and any files attached to it, may contain privileged and confidential information. It is intended solely 
for the use of the designated addressee(s), and may be legally privileged communication. If you received this e-mail by 
mistake, please notify <!nsert User> immediately and destroy all copies of this e-mail and its attachments. You are 
hereby notified that any third-party dissemination or distribution of this confidential information, or the taking of 
any action in reliance on its contents, is strictly prohibited by state and federal law.

This electronic transmission and any attachments are intended for the exclusive use for the addressee (s). only.  The 
information may contain confidential and/or privileged information exempt and protected from unauthorized disclosure 
under Federal and State law.  In the event some other person or entity received this transmission, the recipient is 
hereby notified that any disclosure, dissemination, distribution or copying of this transmission or its content is not 
authorized and is prohibited.  If you have received this transmission in error, please contact us immediately at 
<Insert Phone_Number>, delete the file from your system, and destroy any hard copies of this transmission.

The differences are only slight but I'm sure that the both make their point.

Clayton

--
Clayton Bellot, CISSP
University of Illinois at Springfield
One University Plaza
BRK180
Springfield, Illinois 62703
217.206.6387




On 5/21/09 8:58 AM, "Robert Clifford" <rclifford2 () CSCC EDU> wrote:
Good morning.  If anyone is willing to share, I'm looking for a confidentiality statement which would automatically be 
plugged into the footer of all college employee emails.  I have one from my previous job in the private community, but 
since we are (some of us) on the public side, I'm thinking the confidentiality statement would be a bit different.

As always, your help is greatly appreciated.

Thanks,
Rob
=====================
Robert Clifford
Information Security/Risk Management/Business Continuity
Columbus State Community College
614-287-3686
rclifford2 () cscc edu