By David Willis
May 28, 2015
Many advanced markets have regulations in place that require businesses to add disclaimers to their emails whether they want to or not. Some of these are sector-specific, like some of the following examples that apply to the United States.
The Federal Information Security Management Act (FISMA) places the onus squarely on agencies to ensure the security of data within the different branches of the US government (federal, state and local).
The Act defines a comprehensive framework to protect government information, operations and assets against natural or man-made threats. Every government agency is required to conduct annual reviews of information security programs, with the intent of keeping risks at or below specified acceptable levels in a cost-effective, timely and efficient manner. As part of FISMA compliance, agencies and departments must implement ways to track the contents of all outgoing emails.
Email is a prime medium for exchange and storage of company records. Storage on the mail server does not protect against falsification, nor does it protect against accidental loss or malicious removal. A purpose-built email archive system will ensure that relevant data can be maintained for the desired retention period and will maintain the integrity of the records through tamper-proof mechanisms. Furthermore, the system will provide easy search access to recover data if required by an external auditor.
The Federal Rules of Civil Procedure (FRCP) are regulations that specify procedures for civil legal suits within the United States Federal Court system. A revision to the Rules, which went into effect on December 1, 2006, was established for companies to make provisions for the handling of electronic records and to accommodate electronic discovery, otherwise known as eDiscovery (using electronic data for civil legal actions). An organization must know where its data is, how to retrieve it and how to meet data requests, and it must determine what data will not be subject to search.
Organizations that do not have an automated system in place to help them effectively store, search and retrieve email data in real-time face paying high costs for “rush job” eDiscovery requests. In some instances, failure to produce the requested data in a timely fashion may even lead to the loss of a lawsuit.
The Freedom of Information Act is a federal freedom of information law that allows for the full or partial disclosure of previously unreleased information and documents controlled by the United States government.
The speed and economy of email often make it the preferred means of delivery, but it carries the risk that the wrong information might be sent or the wrong recipient addressed. As email has become so prevalent for interdepartmental communications, security of communications has become a serious concern.
Complying with the FOIA, a law guaranteeing individuals access to public records kept by government agencies, means that an efficient archiving system is a must. Email is a public record, just like any other document, so it is vital that a system is in place to control large amounts of email data.
The GLB Act applies to “financial institutions” – businesses that offer financial products or services to individuals to be used primarily for personal, family, or household purposes. Financial institutions like banks, securities firms and insurance companies are covered by the SEC (Securities and Exchange Commission). Businesses that provide many other types of financial products and services to consumers fall under jurisdiction of the FTC (Federal Trade Commission) for the purposes of enforcing GLB.
Violation of the Act may result in a civil action brought by the U.S. Attorney General. The penalties include up to $100,000 for each violation. In addition, “the officers and directors of the financial institution shall be subject to, and shall be personally liable for, a civil penalty of not more than $10,000 for each such violation”. Criminal penalties may include up to 5 years in prison. The Act has been cited by many as the cause of the 2007 subprime mortgage financial crisis, which triggered the recession of 2008.
Today, the vast majority of organizations use email to communicate internally and as a vehicle for the exchange of documents and correspondence between businesses and consumers. Since personal financial information can be transmitted by and retained in electronic formats, it is critical to ensure that the management of such records complies with GLB.
Check back soon to see what other disclaimer laws are in place in the United States.