Protecting to minimise the risk of interception or

Protecting personal and confidential information is very important to ensure users comply with current legislation. Users should not store such data in their emails and should never send personal or confidential information unless it is encrypted and the encryption pass-phrase is communicated through a different route. Users should have an organisation provided email account which will be utilized for communication carried out for organisation activities.Users may not use organisation email services to transmit: Bulk emails and unnecessary material (spam) Emails which are likely to cause offensive or inconvenience to the receiverEmail, like all methods of communication, cannot be assumed to be secure. It cannot be postulated that email will be correctly distributed or that the sender is as claimed in the mail headers. Steps must be taken to minimise the risk of interception or breaches of confidentiality. These steps include: All users are responsible for protecting organisations confidential information that they use in any form from unauthorised access and use. All users are responsible for protecting their passwords and other access credentials and they must not divulge passwords to anyone.All users of the organisation confidential information resources must be accurately and individually identifiedAll users must ensure that any device holding mail messages, email addresses must be password protected.Confidential information must be protected on any user computer or portable deviceElectronic records containing the organisations confidential information must be appropriately protected when sent. All users should never redirect or forward emails in the organisation account to an external accountThe organisation must conduct appropriate due diligence to ensure that third parties that store of have access to the organisations confidential information are capable of properly protecting the information