Rick Barry

      The Rick Barry Workshops Breakout Question
      Auckland and Wellington, New Zealand, March 1999

       

      "Where, if anywhere, are our organisational business processes vulnerable for lack of email policy?"

       

      Delegates at the Rick Barry Workshops were assigned to breakout groups during a working lunch to discuss the questions "Where, if anywhere, are our organisational business processes vulnerable for lack of email policy?", and to prepare a five-minute presentation to the workshop.

      Earlier, in his email policy presentation "What we’ve got here is a failure to communicate", U.S. information management consultant Rick Barry, pictured above, revealed details of an email use study he had undertaken in a large U.S. organisation and the policies he had recommended as a result. Among the lessons learned from the study were the realisation that recordkeeping functions must be part of a system specifications, that the lack of a policy ensured major recordkeeping gaps but the mere existence of a policy was not enough without staff awareness of it and of its importance.

      1.   The breakout groups found policy failings in almost every aspect of email activity within their organisations and all identified particular weaknesses in records management, information technology and human resources departments.

      2.   Unanimously, the groups agreed that an electronic mail management policy should clarify where and how email fits into the business process. It must make clear that email was just another form of record, like paper-based mail, telephone voice mail and facsimile messages.

      3.   A policy should be prepared in the form of a working paper of written guidelines available in hard-copy and/or electronically to all staff. Management must be concerned with issues of privacy, authenticity, propriety and security to reduce the organisations vulnerability from misuse, inappropriate communications and electronic assault by viruses or vandalism.

      4.   Email was evidence of action, in the same way as other forms of record. It was part of an organisation’s decision-making process which should be captured. Lack of an effective email policy brought risks of incomplete records. This in turn, reduced the ability to prove authenticity or authority of actions and decisions, and increased the likelihood of inconsistency in decision-making, the groups emphasised.

      5.   A policy needed teeth - signed agreements, personal user identities - but disciplinary procedures were not practicable unless processes and rules were generally accepted by users. Policy-makers should take account of staff expectations and awareness. A policy had to created through consultations to ensure staff acceptance and understanding. Staff "buy- in" was vital for the success of a new policy.

      6.   An email policy must identify email types, e.g.: business, including decision-making, strategic, disciplinary functions, staff instruction, staff information (business, social) and inter-staff memoranda (business, social, person-specific), and personal communications, involving internal/external traffic, inter-staff, significant and ephemeral messages.

      7.   The groups identified weaknesses in security procedures within their organisations. Emails and attachments were not captured throughout. No control was kept of message version variations. Disposal of messages was uncontrolled and subject to instant, unguided decisions. Many organisations failed to guide staff over contents and/or management of attachments. Where processes did exist, they were often easily by-passed or ignored.

      8.   Ownership of messages was unclear, though in most situations, the email system and liability for its use was the organisation’s. User disclaimers offered no protection from an organisation’s liability for what was transmitted. A policy should make clear that all messages on a system were the property and responsibility of the organisation, subject to audit, monitoring and retention.

      9.   Other problems identified by the delegates were email multiple topics, informal message composition culture and language clarity, management of meta-data or "buried data" as one group called it, observance and retention of Internet etiquette ("Netiquette") and the linking of messages to create a "decision track".

      10.   All considered the absence of adequate email management training a fundamental weakness in their organisations’ management processes, a lack made worse by high staff turnover. Details of discussions and decisions were lost through staff movements. These decisions were often in email messages, but their whereabouts unknown and inaccessible.

      10.1   In the Records Management culture, email messages must be recognised as records and treated like other communications. Information management should be concerned with all points of email processes, capture, access, retrieval and protection of both incoming and outgoing mail.

      10.2   In Human Resources, care must be taken over staff confidentiality and the appropriate use of data. HR departments must accept responsibility for access, monitoring and disclosure of information, and be made aware of the risks, both social and legal, of breaches of privacy legislation. Its policy for handling email should be the same as that for other media. Pressures would also occur over staff use of the email system, the appropriateness of email content and organisation liability.

      10.3   Information Technology staff members were woefully lacking in information management training, the groups determined. The IT culture required strong direction on issues of system performance, the capture of data with its context ("meta-data"), the physical limitations of storage and the control of attachments.

      11.   One group identified the impact of customer relations on email management. Policies were needed within information management, where concerns over speed of service, customers’ preferences, informality and indifference to an organisation’s prescribed processes brought their own difficulties.

      Group leaders were: Peter Allsop (Tauranga District Council), Geoff Bethell (Industrial Research Ltd), Robyn Caldwell (Fletcher Challenge Archives), Vera Giles (Fletcher Challenge Energy), Trish O’Kane (SWIM Ltd) and Geraldine Murphy (Wellington City Council).





      End note: In his presentation, Rick Barry recommended a paper by David Wallace "Recordkeeping and Email Policy: The State of Thought and the State of Practice", on the Barry Associates company website page Email HOT TOPICS. Rick noted that the paper lacked examples of private sector email policies that include recordkeeping, and that David Wallace, davwal@umich.edu, would greatly appreciate receiving copies of such examples from private sector sources.

      Rick's Email HOT TOPICS section contains many other email resources, including his "Netiquette" guidelines. More Netiquette guidance may be found on the Florida Atlantic University website at http://www.fau.edu/netiquette/net/netiquette.html .

       

      To go to The Caldeson Consultancy Home Page, click HERE

      .


      Michael Steemson
      Michael Steemson

        For more information, mail to:


        Michael Steemson,
        The Caldeson Consultancy.