Educause Security Discussion mailing list archives

Re: Email Disclaimers

From: Hugh Burley <Hburley () TRU CA>
Date: Tue, 13 Mar 2012 09:06:48 -0700

Although I fall on the "silly and useless" side of the debate, many here
have begun to append these messages to email. The fact that we have
published standards stating that encryption is required for any
confidential information that is transmitted or stored outside of our
local area network does not seem to have been considered by these
individuals.
 
Perhaps the real question should be; Could appending a disclaimer do
harm?  Possibly. We have published standards that forbid this activity.
In the event that a legal review were conducted, the university's
published standards would likely out weight the personal disclaimer and
would provide clear evidence that the information was sent
intentionally. 
 
Obviously I am not a lawyer and this is a question I would need to put
to our GC.
 
Regards,
 
 
Hugh Burley
Thompson Rivers University
ITS - Senior Technology Coordinator
Information Security Officer
CISSP, CIPP/C, CISA
Security, Privacy, Audit
BCCOL - 222D
250-852-6351

"Mclaughlin, Kevin (mclaugkl)" <mclaugkl () UCMAIL UC EDU> 3/12/12

6:18 am >>>

Hi Everyone:
 
I have been asked to see if other IHEs make use of email disclaimers. 
If you require or strongly recommend the use of email disclaimers at
your institution would you kick me an off-list email to let me know?   I
will compile the results (redacted) and post a summary back to the
list.
 
Thanks,
- Kevin
 
 
Kevin L. McLaughlin,  CISM, CISSP, GIAC-GSLC, CRISC, PMP, ITIL Master
Certified
Chief Information Security Officer (CISO) & Assistant Vice President
Administration & Finance
TEWG-Region 6 TLO
 
University of Cincinnati
513-556-9177
 
The University of Cincinnati is one of America's top public research
institutions and one of the region's largest employers, with a student
population of more than 42,700.
 
 
 
 
Confidentiality Notice: This e-mail message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
confidential and privileged information protected by state and federal
privacy laws (including, but not limited to, the Health Insurance
Portability and Accountability Act of 1996(“HIPAA”). Any unauthorized
review, use, disclosure or distribution is prohibited. If you are not
the intended recipient, please contact the sender by reply e-mail and
destroy all copies of the original message.

Current thread:

Email Disclaimers Mclaughlin, Kevin (mclaugkl) (Mar 12)
- Re: Email Disclaimers Julian Y Koh (Mar 12)
  - Re: Email Disclaimers Mclaughlin, Kevin (mclaugkl) (Mar 12)
    - Re: Email Disclaimers Jones, Dan (Mar 12)
  - Re: Email Disclaimers David Curry (Mar 12)
    - Re: Email Disclaimers Christopher Hickernell (Mar 12)
  - Re: Email Disclaimers Pete Hickey (Mar 12)
    - Re: Email Disclaimers Valdis Kletnieks (Mar 12)
    - Re: Email Disclaimers Simon Pedersen (Mar 12)
- Re: Email Disclaimers Louis APONTE (Mar 12)
- Re: Email Disclaimers Hugh Burley (Mar 13)
  - Re: Email Disclaimers David Gillett (Mar 13)
    - Re: Email Disclaimers Jacobson, Dick (Mar 13)
- Re: Email Disclaimers Dennis Tracz (Mar 13)
  - Re: Email Disclaimers Alan Amesbury (Mar 28)